Sirefef trojan horse

e_mysak
Visitor
Posts: 20
Registered: 19 Nov 2011 19:38

Sirefef trojan horse

#1 Post by e_mysak »

I have a problem with the Sirefef virus, which ESET is reporting to me; can it be removed somehow?
The PC is slowed down and takes quite a long time to start.
I am sending the RSIT log and a copy of the ESET log.

ESET:
Protokol o kontrole
Verze virové databáze: 9800 (20140514)
Datum: 14.5.2014 Čas: 20:22:02
Testované disky, adresáře a soubory: Operační paměť;Boot sektor
Operační paměť - Win32/Sirefef trojský kůň - výběr akce byl odložen na konec kontroly počítače
Počet zkontrolovaných objektů: 382
Počet nalezených hrozeb: 1
Počet vyléčených objektů: 0
Čas ukončení: 20:22:03 Celkový čas diagnostiky: 1 sek (00:00:01)


RSIT:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Jiří at 2014-05-14 20:45:34
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 58 GB (37%) free of 156 GB
Total RAM: 2047 MB (74% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-583907252-117609710-1801674531-1004Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-583907252-117609710-1801674531-1004UA.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-583907252-117609710-1801674531-1007Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-583907252-117609710-1801674531-1007UA.job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_setup_exe.job
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\WINDOWS\tasks\PC SpeedUp Service Deactivator.job
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2011-03-19 798771]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-03-17 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2011-03-19 798771]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Share-to-Web Namespace Daemon"=C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2001-07-03 57344]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"VX1000"=C:\WINDOWS\vVX1000.exe [2007-04-10 709992]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5110672]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"PMCLoader"=C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe [2008-12-16 644368]
"Akamai NetSession Interface"=C:\Documents and Settings\Jiří\Local Settings\Data aplikací\Akamai\netsession_win.exe []
"PCSpeedUp"=C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe [2014-01-09 277808]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-02-10 20922016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Pinnacle Streaming Server.lnk - C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

C:\Documents and Settings\Jiří\Nabídka Start\Programy\Po spuštění
Svátky a narozeniny.lnk - C:\Program Files\Svátky a narozeniny\SaN.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-04-21 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\92288165.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\92288165.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe:LocalSubNet:Enabled:Pinnacle Streaming Server"
"C:\Games\TmNationsForever\TmForever.exe"="C:\Games\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Konzola Microsoft Management Console"
"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\Documents and Settings\Masek\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Masek\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2014-05-14 20:44:28 ----D---- C:\Viry
2014-05-14 15:36:48 ----D---- C:\Sapi
2014-05-13 17:42:24 ----A---- C:\TDSSKiller.3.0.0.34_13.05.2014_17.42.24_log.txt
2014-05-13 17:40:49 ----A---- C:\TDSSKiller.2.8.16.0_13.05.2014_17.40.49_log.txt
2014-05-13 17:39:54 ----A---- C:\TDSSKiller.2.8.16.0_13.05.2014_17.39.54_log.txt
2014-05-13 16:42:28 ----A---- C:\TDSSKiller.2.8.16.0_13.05.2014_16.42.28_log.txt
2014-05-13 16:39:07 ----A---- C:\TDSSKiller.2.8.16.0_13.05.2014_16.39.07_log.txt
2014-05-13 00:03:36 ----A---- C:\WINDOWS\ntbtlog.txt
2014-05-11 20:15:47 ----D---- C:\Program Files\Mozilla Firefox
2014-04-23 19:56:12 ----D---- C:\RavoRife
2014-04-23 18:59:04 ----A---- C:\WINDOWS\system32\FTLang.dll
2014-04-23 18:59:04 ----A---- C:\WINDOWS\system32\ftd2xx.dll
2014-04-23 18:59:04 ----A---- C:\WINDOWS\system32\ftbusui.dll
2014-04-23 18:58:40 ----A---- C:\WINDOWS\system32\javaws.exe
2014-04-23 18:58:40 ----A---- C:\WINDOWS\system32\javaw.exe
2014-04-23 18:58:40 ----A---- C:\WINDOWS\system32\java.exe
2014-04-16 21:16:52 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll

======List of files/folders modified in the last 1 months======

2014-05-14 20:45:36 ----D---- C:\Program Files\trend micro
2014-05-14 20:44:42 ----A---- C:\WINDOWS\WINCMD.INI
2014-05-14 20:40:17 ----D---- C:\WINDOWS\Prefetch
2014-05-14 20:22:24 ----D---- C:\Program Files\Zrychleni Pocitace
2014-05-14 20:21:01 ----D---- C:\Temp
2014-05-14 20:20:59 ----D---- C:\Documents and Settings\Jiří\Data aplikací\Skype
2014-05-14 17:44:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-05-14 15:21:06 ----AD---- C:\WINDOWS
2014-05-14 13:29:05 ----D---- C:\WINDOWS\Temp
2014-05-14 11:26:12 ----D---- C:\WINDOWS\system32\CatRoot2
2014-05-14 07:54:06 ----D---- C:\WINDOWS\system32
2014-05-14 07:53:55 ----D---- C:\WINDOWS\Debug
2014-05-14 07:26:56 ----D---- C:\WINDOWS\system32\drivers
2014-05-13 18:04:20 ----HD---- C:\WINDOWS\inf
2014-05-13 17:49:51 ----SHD---- C:\System Volume Information
2014-05-13 12:51:56 ----D---- C:\WINDOWS\system32\Restore
2014-05-12 16:59:01 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-05-11 20:16:33 ----RD---- C:\Program Files
2014-05-11 11:09:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-08 14:11:03 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-05-07 07:57:38 ----D---- C:\UCTO2013
2014-05-06 14:37:12 ----D---- C:\mBank_2014
2014-05-01 19:54:16 ----D---- C:\WINDOWS\system32\config
2014-05-01 19:53:50 ----D---- C:\WINDOWS\system32\wbem
2014-05-01 19:53:49 ----D---- C:\WINDOWS\Registration
2014-04-28 18:06:15 ----D---- C:\Documents and Settings\Jiří\Data aplikací\vlc
2014-04-24 15:40:57 ----SHD---- C:\WINDOWS\Installer
2014-04-24 15:40:57 ----SHD---- C:\Config.Msi
2014-04-23 19:51:57 ----D---- C:\Install
2014-04-23 18:59:06 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-04-23 18:58:20 ----D---- C:\Program Files\Java
2014-04-18 19:31:49 ----D---- C:\Documents and Settings

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2013-09-17 184664]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2013-09-17 61600]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-10-07 80576]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2013-09-17 174400]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R2 SBKUPNT;SBKUPNT; \??\C:\WINDOWS\system32\Drivers\SBKUPNT.SYS []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-04-21 729088]
R3 bcm4sbxp;ASUSTeK/Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2002-09-10 41728]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2013-09-17 38952]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 PinnacleRoyalTS;Pinnacle Systems RoyalTS Device; C:\WINDOWS\system32\DRIVERS\RoyalTS.sys [2008-12-15 123520]
R3 sbpci;Sound Blaster PCI128 Audio Driver (WDM); C:\WINDOWS\system32\drivers\sbpci.sys [2001-10-26 492672]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-03-18 30336]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2007-04-10 1966312]
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2013-07-25 65896]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-07-26 137600]
S3 pctvvbi;PCTVVBI; C:\WINDOWS\system32\DRIVERS\pctvvbi.sys [2002-11-11 6400]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-04-21 397312]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTSvcCDA.exe [1999-12-13 44032]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-09-12 1337752]
R2 Freemake Improver;Freemake Improver; C:\Documents and Settings\All Users\Data aplikací\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2014-03-26 108032]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-03-17 182696]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720]
R2 PCSUService;PC Speed Up Service; C:\Program Files\Zrychleni Pocitace\PCSUService.exe [2014-01-09 423728]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-04-21 516096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-08 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-11 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119541
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Sirefef trojan horse

#2 Post by Rudy »

Hello!
Please post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after startup a screen with the licence terms appears; continue by clicking the Yes button.

Calmly go and make yourself a coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to run any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is run).

Note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident shield.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

e_mysak
Visitor
Posts: 20
Registered: 19 Nov 2011 19:38

Re: Sirefef trojan horse

#3 Post by e_mysak »

Sorry for the delay, I didn't get home until 18:00. I ran ComboFix right away and here is the log:

ComboFix 14-05-13.01 - Masek 15.05.2014 18:50:29.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1625 [GMT 2:00]
Spuštěný z: c:\documents and settings\Masek\Plocha\ComboFix.exe
AV: ESET Smart Security 7.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personální firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\UCTO2010
c:\ucto2010\{PDF3}\DZP_3X.PDF
c:\ucto2010\{PDF3}\DZPX.DEF
c:\ucto2010\{PDF3}\DZPX.PDF
c:\ucto2010\{PDF3}\HROMOZNX.DEF
c:\ucto2010\{PDF3}\HROMOZNX.PDF
c:\ucto2010\{PDF3}\CHYBCASX.DEF
c:\ucto2010\{PDF3}\CHYBCASX.PDF
c:\ucto2010\{PDF3}\NEMOCX.DEF
c:\ucto2010\{PDF3}\NEMOCX.PDF
c:\ucto2010\{PDF3}\OSSZKX.DEF
c:\ucto2010\{PDF3}\OSSZKX.PDF
c:\ucto2010\{PDF3}\OSSZX.DEF
c:\ucto2010\{PDF3}\OSSZX.PDF
c:\ucto2010\{PDF3}\POCZAMX.DEF
c:\ucto2010\{PDF3}\POCZAMX.PDF
c:\ucto2010\{PDF3}\POJZAMX.DEF
c:\ucto2010\{PDF3}\POJZAMX.PDF
c:\ucto2010\{PDF3}\SILDANPX.DEF
c:\ucto2010\{PDF3}\SILDANPX.PDF
c:\ucto2010\{PDF3}\SILDANX.DEF
c:\ucto2010\{PDF3}\SILDANX.PDF
c:\ucto2010\{PDF3}\SOUHLASX.DEF
c:\ucto2010\{PDF3}\SOUHLASX.PDF
c:\ucto2010\{PDF3}\VYUCTSRX.DEF
c:\ucto2010\{PDF3}\VYUCTSRX.PDF
c:\ucto2010\{PDF3}\VYUCTX.DEF
c:\ucto2010\{PDF3}\VYUCTX.PDF
c:\ucto2010\{PDF3}\VZPX.DEF
c:\ucto2010\{PDF3}\VZPX.PDF
c:\ucto2010\{PRIK}\ABSENCE.004
c:\ucto2010\{PRIK}\ADRESY.000
c:\ucto2010\{PRIK}\ADRESY.T00
c:\ucto2010\{PRIK}\ADRSPEC.000
c:\ucto2010\{PRIK}\ADRSPEC.T00
c:\ucto2010\{PRIK}\ARCHIVM.004
c:\ucto2010\{PRIK}\ARCHIVM.T04
c:\ucto2010\{PRIK}\AUTA.005
c:\ucto2010\{PRIK}\AUTA.T05
c:\ucto2010\{PRIK}\BANKA1.008
c:\ucto2010\{PRIK}\CE_AUTA.006
c:\ucto2010\{PRIK}\CE_AUTA.T06
c:\ucto2010\{PRIK}\CE_TRASY.006
c:\ucto2010\{PRIK}\CEST_FH.006
c:\ucto2010\{PRIK}\CEST_FH.T06
c:\ucto2010\{PRIK}\CEST_FP.006
c:\ucto2010\{PRIK}\CEST_FS.006
c:\ucto2010\{PRIK}\CEST_VH.006
c:\ucto2010\{PRIK}\CEST_VH.T06
c:\ucto2010\{PRIK}\CEST_VP.006
c:\ucto2010\{PRIK}\CEST_VS.006
c:\ucto2010\{PRIK}\CISABS.004
c:\ucto2010\{PRIK}\CISCEST.005
c:\ucto2010\{PRIK}\CISDOKL.001
c:\ucto2010\{PRIK}\CISDRUH.001
c:\ucto2010\{PRIK}\CISPOH.001
c:\ucto2010\{PRIK}\CISPOL.006
c:\ucto2010\{PRIK}\CISPOZN.000
c:\ucto2010\{PRIK}\CISPOZN.T00
c:\ucto2010\{PRIK}\CIST.000
c:\ucto2010\{PRIK}\CISTEXT.001
c:\ucto2010\{PRIK}\CISTXT.006
c:\ucto2010\{PRIK}\CISUCEL.005
c:\ucto2010\{PRIK}\CISUKOL.004
c:\ucto2010\{PRIK}\CISVYKON.001
c:\ucto2010\{PRIK}\DAP15.003
c:\ucto2010\{PRIK}\DAP15.T03
c:\ucto2010\{PRIK}\DAP16.003
c:\ucto2010\{PRIK}\DAP16.T03
c:\ucto2010\{PRIK}\DENIK.001
c:\ucto2010\{PRIK}\DENIK.T01
c:\ucto2010\{PRIK}\DETI.004
c:\ucto2010\{PRIK}\DETI15.003
c:\ucto2010\{PRIK}\DETI16.003
c:\ucto2010\{PRIK}\DODL_AH.006
c:\ucto2010\{PRIK}\DODL_AH.T06
c:\ucto2010\{PRIK}\DODL_AP.006
c:\ucto2010\{PRIK}\DODL_AS.006
c:\ucto2010\{PRIK}\DODL_FH.006
c:\ucto2010\{PRIK}\DODL_FH.T06
c:\ucto2010\{PRIK}\DODL_FP.006
c:\ucto2010\{PRIK}\DODL_FS.006
c:\ucto2010\{PRIK}\DODL_VH.006
c:\ucto2010\{PRIK}\DODL_VH.T06
c:\ucto2010\{PRIK}\DODL_VP.006
c:\ucto2010\{PRIK}\DODL_VS.006
c:\ucto2010\{PRIK}\DOPISY.002
c:\ucto2010\{PRIK}\DOPISY.T02
c:\ucto2010\{PRIK}\DOPISYMM.002
c:\ucto2010\{PRIK}\DOPISYMM.T02
c:\ucto2010\{PRIK}\DOVROK.004
c:\ucto2010\{PRIK}\DROBMAJ.009
c:\ucto2010\{PRIK}\DROBMAJ.T09
c:\ucto2010\{PRIK}\EDIT.000
c:\ucto2010\{PRIK}\EDITPAR.000
c:\ucto2010\{PRIK}\EDITTAB.000
c:\ucto2010\{PRIK}\EDITTAB.T00
c:\ucto2010\{PRIK}\FAKT_AH.006
c:\ucto2010\{PRIK}\FAKT_AH.T06
c:\ucto2010\{PRIK}\FAKT_AP.006
c:\ucto2010\{PRIK}\FAKT_AS.006
c:\ucto2010\{PRIK}\FAKT_FH.006
c:\ucto2010\{PRIK}\FAKT_FH.T06
c:\ucto2010\{PRIK}\FAKT_FP.006
c:\ucto2010\{PRIK}\FAKT_FS.006
c:\ucto2010\{PRIK}\FAKT_VH.006
c:\ucto2010\{PRIK}\FAKT_VH.T06
c:\ucto2010\{PRIK}\FAKT_VP.006
c:\ucto2010\{PRIK}\FAKT_VS.006
c:\ucto2010\{PRIK}\FINANCE.001
c:\ucto2010\{PRIK}\FINANCE.T01
c:\ucto2010\{PRIK}\JIZDY.005
c:\ucto2010\{PRIK}\JIZDY.T05
c:\ucto2010\{PRIK}\KATEG.004
c:\ucto2010\{PRIK}\MAT_HP.007
c:\ucto2010\{PRIK}\MAT_PP.007
c:\ucto2010\{PRIK}\MATERIAL.001
c:\ucto2010\{PRIK}\MATERIAL.T01
c:\ucto2010\{PRIK}\MZDY.004
c:\ucto2010\{PRIK}\MZDY.T04
c:\ucto2010\{PRIK}\OBJE_FH.006
c:\ucto2010\{PRIK}\OBJE_FH.T06
c:\ucto2010\{PRIK}\OBJE_FP.006
c:\ucto2010\{PRIK}\OBJE_FS.006
c:\ucto2010\{PRIK}\OBJE_VH.006
c:\ucto2010\{PRIK}\OBJE_VH.T06
c:\ucto2010\{PRIK}\OBJE_VP.006
c:\ucto2010\{PRIK}\OBJE_VS.006
c:\ucto2010\{PRIK}\ODPISY.009
c:\ucto2010\{PRIK}\ODVODYM.004
c:\ucto2010\{PRIK}\OSSZ08.003
c:\ucto2010\{PRIK}\OST15.003
c:\ucto2010\{PRIK}\OST16.003
c:\ucto2010\{PRIK}\PARAM2.000
c:\ucto2010\{PRIK}\PARAM2.T00
c:\ucto2010\{PRIK}\PARHB.008
c:\ucto2010\{PRIK}\PARZAS.001
c:\ucto2010\{PRIK}\PHM.005
c:\ucto2010\{PRIK}\PLATBY.001
c:\ucto2010\{PRIK}\PLATBY.T01
c:\ucto2010\{PRIK}\POHLZAV.001
c:\ucto2010\{PRIK}\POHLZAV.T01
c:\ucto2010\{PRIK}\POHYBM.001
c:\ucto2010\{PRIK}\POHYBV.001
c:\ucto2010\{PRIK}\POHYBZ.001
c:\ucto2010\{PRIK}\POJIST.004
c:\ucto2010\{PRIK}\POSTA.002
c:\ucto2010\{PRIK}\POSTA.T02
c:\ucto2010\{PRIK}\PRACOV.004
c:\ucto2010\{PRIK}\PRACOV.T04
c:\ucto2010\{PRIK}\PRACSML.004
c:\ucto2010\{PRIK}\PRACSML.T04
c:\ucto2010\{PRIK}\PRAVJIZD.005
c:\ucto2010\{PRIK}\PRAVJIZD.T05
c:\ucto2010\{PRIK}\PRIKH.008
c:\ucto2010\{PRIK}\PRIKP.008
c:\ucto2010\{PRIK}\SCIT_H.099
c:\ucto2010\{PRIK}\SCIT_H.T99
c:\ucto2010\{PRIK}\SCIT_P.099
c:\ucto2010\{PRIK}\SHIFTF3.000
c:\ucto2010\{PRIK}\SIL.005
c:\ucto2010\{PRIK}\SIL.T05
c:\ucto2010\{PRIK}\SILDAN.005
c:\ucto2010\{PRIK}\SILVOZ.005
c:\ucto2010\{PRIK}\SRAZKY.004
c:\ucto2010\{PRIK}\SRAZKY.T04
c:\ucto2010\{PRIK}\STATY.000
c:\ucto2010\{PRIK}\STRAV.004
c:\ucto2010\{PRIK}\TECHZHOD.009
c:\ucto2010\{PRIK}\TEXTY.002
c:\ucto2010\{PRIK}\TEXTY.T02
c:\ucto2010\{PRIK}\TRIDY.004
c:\ucto2010\{PRIK}\TYPDOKL.001
c:\ucto2010\{PRIK}\UCTY.000
c:\ucto2010\{PRIK}\UKOL.004
c:\ucto2010\{PRIK}\UKOLY.000
c:\ucto2010\{PRIK}\UKOLY.T00
c:\ucto2010\{PRIK}\UPR15.003
c:\ucto2010\{PRIK}\UPR16.003
c:\ucto2010\{PRIK}\UZAV.001
c:\ucto2010\{PRIK}\VYKMAZA.UUU
c:\ucto2010\{PRIK}\VYR_HP.007
c:\ucto2010\{PRIK}\VYR_HV.007
c:\ucto2010\{PRIK}\VYR_PP.007
c:\ucto2010\{PRIK}\VYR_PV.007
c:\ucto2010\{PRIK}\VYRIZUJE.002
c:\ucto2010\{PRIK}\VYROBA.001
c:\ucto2010\{PRIK}\VYROBKY.001
c:\ucto2010\{PRIK}\VYROBKY.T01
c:\ucto2010\{PRIK}\VYUCSRAZ.097
c:\ucto2010\{PRIK}\VYUCZAL.097
c:\ucto2010\{PRIK}\VZP08.003
c:\ucto2010\{PRIK}\ZAL_H.099
c:\ucto2010\{PRIK}\ZAL_H.T99
c:\ucto2010\{PRIK}\ZAOKFA.006
c:\ucto2010\{PRIK}\ZBO_HP.007
c:\ucto2010\{PRIK}\ZBO_HV.007
c:\ucto2010\{PRIK}\ZBO_PP.007
c:\ucto2010\{PRIK}\ZBO_PV.007
c:\ucto2010\{PRIK}\ZBOZI.001
c:\ucto2010\{PRIK}\ZBOZI.T01
c:\ucto2010\{PRIK}\ZP.009
c:\ucto2010\{PRIK}\ZP.T09
c:\ucto2010\{SEST}\SEST00.TXT
c:\ucto2010\{SEST}\SEST00.TXT.vir
c:\ucto2010\{SEST}\SEST01.TXT
c:\ucto2010\{SEST}\SEST01.TXT.vir
c:\ucto2010\{SEST}\SEST02.TXT
c:\ucto2010\{SEST}\SEST02.TXT.vir
c:\ucto2010\{SEST}\SEST03.TXT
c:\ucto2010\{SEST}\SEST03.TXT.vir
c:\ucto2010\{SEST}\SEST04.TXT
c:\ucto2010\{SEST}\SEST04.TXT.vir
c:\ucto2010\{SEST}\SEST05.TXT
c:\ucto2010\{SEST}\SEST05.TXT.vir
c:\ucto2010\{SEST}\SEST06.TXT
c:\ucto2010\{SEST}\SEST06.TXT.vir
c:\ucto2010\{SEST}\SEST07.TXT
c:\ucto2010\{SEST}\SEST07.TXT.vir
c:\ucto2010\{SEST}\SEST08.TXT
c:\ucto2010\{SEST}\SEST08.TXT.vir
c:\ucto2010\{SEST}\SEST09.TXT
c:\ucto2010\{SEST}\SEST09.TXT.vir
c:\ucto2010\{SEST}\SEST10.TXT
c:\ucto2010\{SEST}\SEST10.TXT.vir
c:\ucto2010\{SLOZ}\BALIK_O.HTM
c:\ucto2010\{SLOZ}\BALIK_O.JS
c:\ucto2010\{SLOZ}\BALIK_P.HTM
c:\ucto2010\{SLOZ}\BALIK_P.JS
c:\ucto2010\{SLOZ}\SLOZ_A.HTM
c:\ucto2010\{SLOZ}\SLOZ_A.JS
c:\ucto2010\{SLOZ}\SLOZ_C.HTM
c:\ucto2010\{SLOZ}\SLOZ_C.JS
c:\ucto2010\{STAN}\BACKUP.000
c:\ucto2010\{STAN}\BKPSTAT.000
c:\ucto2010\{STAN}\DANZAT.004
c:\ucto2010\{STAN}\HESLA.000
c:\ucto2010\{STAN}\HESLA.T00
c:\ucto2010\{STAN}\HOBAPZ.008
c:\ucto2010\{STAN}\HOBAPZ.T08
c:\ucto2010\{STAN}\KALEXEK.099
c:\ucto2010\{STAN}\KALSZM06.099
c:\ucto2010\{STAN}\KASA.099
c:\ucto2010\{STAN}\LEAS.099
c:\ucto2010\{STAN}\LEAS.T99
c:\ucto2010\{STAN}\PAR01A3.001
c:\ucto2010\{STAN}\PAR02A3.002
c:\ucto2010\{STAN}\PAR03A3.003
c:\ucto2010\{STAN}\PAR03A3.T03
c:\ucto2010\{STAN}\PAR06A3.006
c:\ucto2010\{STAN}\PAR07A3.007
c:\ucto2010\{STAN}\PAR08A3.008
c:\ucto2010\{STAN}\PAR09A3.009
c:\ucto2010\{STAN}\PARAM3.000
c:\ucto2010\{STAN}\PARAM3.T00
c:\ucto2010\{STAN}\PATHS.000
c:\ucto2010\{STAN}\PATHS.X00
c:\ucto2010\{STAN}\PENIZE.009
c:\ucto2010\{STAN}\PENIZED.009
c:\ucto2010\{STAN}\PGM.000
c:\ucto2010\{STAN}\PRECISD.001
c:\ucto2010\{STAN}\SCITAC.099
c:\ucto2010\{STAN}\STAT.000
c:\ucto2010\{STAN}\TELSEZN.099
c:\ucto2010\{STAN}\VEDKALK.099
c:\ucto2010\{TISK}\ALISFAND.EXE
c:\ucto2010\{TISK}\CALLER.EXE
c:\ucto2010\{TISK}\CMDIALOG.VBX
c:\ucto2010\{TISK}\DISKSIZW.EXE
c:\ucto2010\{TISK}\DISKY.EXE
c:\ucto2010\{TISK}\ELPODPIS.EXE
c:\ucto2010\{TISK}\FAND2PDF.EXE
c:\ucto2010\{TISK}\FANDCLIP.EXE
c:\ucto2010\{TISK}\IEUCTO.EXE
c:\ucto2010\{TISK}\MSINET.OCX
c:\ucto2010\{TISK}\MSMAPI32.OCX
c:\ucto2010\{TISK}\MSVBVM60.DLL
c:\ucto2010\{TISK}\PDFTISK1.EXE
c:\ucto2010\{TISK}\PDFTISK2.EXE
c:\ucto2010\{TISK}\PDFTISK3.EXE
c:\ucto2010\{TISK}\REGISTER.EXE
c:\ucto2010\{TISK}\SETUPCP.EXE
c:\ucto2010\{TISK}\SIFRCSSZ.CER
c:\ucto2010\{TISK}\UCTOFONT.FON
c:\ucto2010\{TISK}\UCTOFT98.EXE
c:\ucto2010\{TISK}\UCTOFTP.EXE
c:\ucto2010\{TISK}\UCTOGRAF.EXE
c:\ucto2010\{TISK}\UCTOGRAF.INI
c:\ucto2010\{TISK}\UCTOLNK.EXE
c:\ucto2010\{TISK}\UCTOLNK.UUU
c:\ucto2010\{TISK}\UCTOLNK.W7
c:\ucto2010\{TISK}\UCTOLNK.WV
c:\ucto2010\{TISK}\UCTOLNK.WXP
c:\ucto2010\{TISK}\UCTOOL.EXE
c:\ucto2010\{TISK}\UEMAIL.EXE
c:\ucto2010\{TISK}\UEMAIL06.EXE
c:\ucto2010\{TISK}\UTISK01.EXE
c:\ucto2010\{TISK}\UTISK04.EXE
c:\ucto2010\{TISK}\UTISK98.EXE
c:\ucto2010\{TISK}\UTISK98.INI
c:\ucto2010\{TISK}\VBRUN300.DLL
c:\ucto2010\{TISK}\WINVERZE.EXE
c:\ucto2010\{UDOC}\CENIK.TXT
c:\ucto2010\{UDOC}\D2008.PDF
c:\ucto2010\{UDOC}\FAKTURA.TXT
c:\ucto2010\{UDOC}\INFO.TXT
c:\ucto2010\{UDOC}\LICENCE.TXT
c:\ucto2010\{UDOC}\OBJ.TXT
c:\ucto2010\{UDOC}\OBJZPR.TXT
c:\ucto2010\{UDOC}\ONAS.TXT
c:\ucto2010\{UDOC}\POUPG.TXT
c:\ucto2010\{UDOC}\PRIRUCKA.TXT
c:\ucto2010\{UDOC}\PRPRDOK.TXT
c:\ucto2010\{UDOC}\R2010.PDF
c:\ucto2010\{UDOC}\U2010.PDF
c:\ucto2010\{UDOC}\UCTOWIN7.TXT
c:\ucto2010\{UDOC}\ZPROSTRE.TXT
c:\ucto2010\{WWWW}\VERZEWWW.UUU
c:\ucto2010\{ZAL2}\{DATA}.J2B
c:\ucto2010\{ZAL2}\{DATA}.J2T
c:\ucto2010\{ZAL2}\{DATA}.J2Z
c:\ucto2010\{ZAL2}\{GLOB}.J4B
c:\ucto2010\{ZAL2}\{GLOB}.J4T
c:\ucto2010\{ZAL2}\{GLOB}.J4Z
c:\ucto2010\{ZAL2}\FIRMA2.J2B
c:\ucto2010\{ZAL2}\FIRMA2.J2T
c:\ucto2010\{ZAL2}\FIRMA2.J2Z
c:\ucto2010\{ZAL2}\FIRMA3.J2B
c:\ucto2010\{ZAL2}\FIRMA3.J2T
c:\ucto2010\{ZAL2}\FIRMA3.J2Z
c:\ucto2010\{ZAL2}\FIRMA4.J2B
c:\ucto2010\{ZAL2}\FIRMA4.J2T
c:\ucto2010\{ZAL2}\FIRMA4.J2Z
c:\ucto2010\{ZAL2}\FIRMA8.J2B
c:\ucto2010\{ZAL2}\FIRMA8.J2T
c:\ucto2010\{ZAL2}\FIRMA8.J2Z
c:\ucto2010\ÚČTO2010.W9X
c:\ucto2010\B&W.PAL
c:\ucto2010\BLUE.PAL
c:\ucto2010\BROWN.PAL
c:\ucto2010\CAT.BAT
c:\ucto2010\CISABS.UUU
c:\ucto2010\CISDRUH.UUU
c:\ucto2010\CISPOH.UUU
c:\ucto2010\CISSLOUP.000
c:\ucto2010\CISSLOUP.X00
c:\ucto2010\CONFIG.TXT
c:\ucto2010\DELFILE.EXE
c:\ucto2010\DISKSIZE.EXE
c:\ucto2010\DNY.000
c:\ucto2010\FAND.CFG
c:\ucto2010\FAND.RES
c:\ucto2010\FANDCFG.09
c:\ucto2010\FANDCFG.10
c:\ucto2010\FANDCFG.BAK
c:\ucto2010\FANDCLIP.UUU
c:\ucto2010\FANDHTML.EXE
c:\ucto2010\FANDINST.EXE
c:\ucto2010\FANDT602.EXE
c:\ucto2010\FILESIZE.EXE
c:\ucto2010\FIRMA1\ADRESY.000
c:\ucto2010\FIRMA1\ADRESY.T00
c:\ucto2010\FIRMA1\ADRESY.X00
c:\ucto2010\FIRMA1\BANKA1.008
c:\ucto2010\FIRMA1\CISABS.004
c:\ucto2010\FIRMA1\CISABS.X04
c:\ucto2010\FIRMA1\CISDOKL.001
c:\ucto2010\FIRMA1\CISDRUH.001
c:\ucto2010\FIRMA1\CISDRUH.X01
c:\ucto2010\FIRMA1\CISPOH.001
c:\ucto2010\FIRMA1\CISPOH.X01
c:\ucto2010\FIRMA1\CISPOZN.000
c:\ucto2010\FIRMA1\CISPOZN.T00
c:\ucto2010\FIRMA1\CIST.000
c:\ucto2010\FIRMA1\CISTEXT.001
c:\ucto2010\FIRMA1\CISTXT.006
c:\ucto2010\FIRMA1\CISVYKON.001
c:\ucto2010\FIRMA1\CISVYKON.X01
c:\ucto2010\FIRMA1\DENIK.001
c:\ucto2010\FIRMA1\DENIK.T01
c:\ucto2010\FIRMA1\EDIT.000
c:\ucto2010\FIRMA1\EDIT.X00
c:\ucto2010\FIRMA1\FINANCE.001
c:\ucto2010\FIRMA1\FINANCE.T01
c:\ucto2010\FIRMA1\KATEG.004
c:\ucto2010\FIRMA1\PAR01A2.001
c:\ucto2010\FIRMA1\PAR01A4.001
c:\ucto2010\FIRMA1\PAR09A2.009
c:\ucto2010\FIRMA1\PAR09A2.T09
c:\ucto2010\FIRMA1\PAR09A4.009
c:\ucto2010\FIRMA1\PARAM2.000
c:\ucto2010\FIRMA1\PARAM2.T00
c:\ucto2010\FIRMA1\PARAM4.000
c:\ucto2010\FIRMA1\PARAM4.T00
c:\ucto2010\FIRMA1\PARZAS.001
c:\ucto2010\FIRMA1\PRACSML.004
c:\ucto2010\FIRMA1\PRACSML.T04
c:\ucto2010\FIRMA1\SHIFTF3.000
c:\ucto2010\FIRMA1\TRIDY.004
c:\ucto2010\FIRMA1\TYPDOKL.001
c:\ucto2010\FIRMA1\UKOLY.000
c:\ucto2010\FIRMA1\UKOLY.T00
c:\ucto2010\FIRMA1\UZAV.001
c:\ucto2010\FIRMA1\ZAOKFA.006
c:\ucto2010\FIRMA1\ZURNALD.001
c:\ucto2010\FIRMA2\ADRESY.000
c:\ucto2010\FIRMA2\ADRESY.T00
c:\ucto2010\FIRMA2\ADRESY.X00
c:\ucto2010\FIRMA2\ARCHIVD.001
c:\ucto2010\FIRMA2\ARCHIVD.T01
c:\ucto2010\FIRMA2\BANKA1.008
c:\ucto2010\FIRMA2\CISABS.004
c:\ucto2010\FIRMA2\CISABS.X04
c:\ucto2010\FIRMA2\CISDOKL.001
c:\ucto2010\FIRMA2\CISDRUH.001
c:\ucto2010\FIRMA2\CISDRUH.X01
c:\ucto2010\FIRMA2\CISPOH.001
c:\ucto2010\FIRMA2\CISPOH.X01
c:\ucto2010\FIRMA2\CISPOZN.000
c:\ucto2010\FIRMA2\CISPOZN.T00
c:\ucto2010\FIRMA2\CIST.000
c:\ucto2010\FIRMA2\CIST.X00
c:\ucto2010\FIRMA2\CISTEXT.001
c:\ucto2010\FIRMA2\CISTXT.006
c:\ucto2010\FIRMA2\CISTXT.X06
c:\ucto2010\FIRMA2\CISVYKON.001
c:\ucto2010\FIRMA2\CISVYKON.X01
c:\ucto2010\FIRMA2\DENIK.001
c:\ucto2010\FIRMA2\DENIK.T01
c:\ucto2010\FIRMA2\EDIT.000
c:\ucto2010\FIRMA2\EDIT.X00
c:\ucto2010\FIRMA2\EDITPAR.000
c:\ucto2010\FIRMA2\EDITPAR.X00
c:\ucto2010\FIRMA2\FINANCE.001
c:\ucto2010\FIRMA2\FINANCE.T01
c:\ucto2010\FIRMA2\KATEG.004
c:\ucto2010\FIRMA2\KATEG.X04
c:\ucto2010\FIRMA2\PAR01A2.001
c:\ucto2010\FIRMA2\PAR01A4.001
c:\ucto2010\FIRMA2\PAR09A2.009
c:\ucto2010\FIRMA2\PAR09A2.T09
c:\ucto2010\FIRMA2\PAR09A4.009
c:\ucto2010\FIRMA2\PARAM2.000
c:\ucto2010\FIRMA2\PARAM2.T00
c:\ucto2010\FIRMA2\PARAM4.000
c:\ucto2010\FIRMA2\PARAM4.T00
c:\ucto2010\FIRMA2\PARZAS.001
c:\ucto2010\FIRMA2\PRACSML.004
c:\ucto2010\FIRMA2\PRACSML.T04
c:\ucto2010\FIRMA2\TRIDY.004
c:\ucto2010\FIRMA2\TRIDY.X04
c:\ucto2010\FIRMA2\TYPDOKL.001
c:\ucto2010\FIRMA2\TYPDOKL.X01
c:\ucto2010\FIRMA2\UKOLY.000
c:\ucto2010\FIRMA2\UKOLY.T00
c:\ucto2010\FIRMA2\UZAV.001
c:\ucto2010\FIRMA2\VYKMAZA.UUU
c:\ucto2010\FIRMA2\ZAOKFA.006
c:\ucto2010\FIRMA2\ZAOKFA.X06
c:\ucto2010\FIRMA2\ZURNALD.001
c:\ucto2010\FIRMA3\ADRESY.000
c:\ucto2010\FIRMA3\ADRESY.T00
c:\ucto2010\FIRMA3\ADRESY.X00
c:\ucto2010\FIRMA3\ARCHIVD.001
c:\ucto2010\FIRMA3\ARCHIVD.T01
c:\ucto2010\FIRMA3\BANKA1.008
c:\ucto2010\FIRMA3\CE_AUTA.006
c:\ucto2010\FIRMA3\CE_AUTA.T06
c:\ucto2010\FIRMA3\CISABS.004
c:\ucto2010\FIRMA3\CISABS.X04
c:\ucto2010\FIRMA3\CISDOKL.001
c:\ucto2010\FIRMA3\CISDRUH.001
c:\ucto2010\FIRMA3\CISDRUH.X01
c:\ucto2010\FIRMA3\CISPOH.001
c:\ucto2010\FIRMA3\CISPOH.X01
c:\ucto2010\FIRMA3\CISPOZN.000
c:\ucto2010\FIRMA3\CISPOZN.T00
c:\ucto2010\FIRMA3\CIST.000
c:\ucto2010\FIRMA3\CIST.X00
c:\ucto2010\FIRMA3\CISTEXT.001
c:\ucto2010\FIRMA3\CISTXT.006
c:\ucto2010\FIRMA3\CISTXT.X06
c:\ucto2010\FIRMA3\CISVYKON.001
c:\ucto2010\FIRMA3\CISVYKON.X01
c:\ucto2010\FIRMA3\DAP15.003
c:\ucto2010\FIRMA3\DAP15.T03
c:\ucto2010\FIRMA3\DENIK.001
c:\ucto2010\FIRMA3\DENIK.T01
c:\ucto2010\FIRMA3\EDIT.000
c:\ucto2010\FIRMA3\EDIT.X00
c:\ucto2010\FIRMA3\EDITPAR.000
c:\ucto2010\FIRMA3\EDITPAR.X00
c:\ucto2010\FIRMA3\FINANCE.001
c:\ucto2010\FIRMA3\FINANCE.T01
c:\ucto2010\FIRMA3\KATEG.004
c:\ucto2010\FIRMA3\KATEG.X04
c:\ucto2010\FIRMA3\PAR01A2.001
c:\ucto2010\FIRMA3\PAR01A4.001
c:\ucto2010\FIRMA3\PAR03A4.003
c:\ucto2010\FIRMA3\PAR09A2.009
c:\ucto2010\FIRMA3\PAR09A2.T09
c:\ucto2010\FIRMA3\PAR09A4.009
c:\ucto2010\FIRMA3\PARAM2.000
c:\ucto2010\FIRMA3\PARAM2.T00
c:\ucto2010\FIRMA3\PARAM4.000
c:\ucto2010\FIRMA3\PARAM4.T00
c:\ucto2010\FIRMA3\PARZAS.001
c:\ucto2010\FIRMA3\POJIST.004
c:\ucto2010\FIRMA3\POJIST.X04
c:\ucto2010\FIRMA3\PRACSML.004
c:\ucto2010\FIRMA3\PRACSML.T04
c:\ucto2010\FIRMA3\SHIFTF3.000
c:\ucto2010\FIRMA3\SHIFTF3.X00
c:\ucto2010\FIRMA3\SIL.005
c:\ucto2010\FIRMA3\SIL.T05
c:\ucto2010\FIRMA3\TRIDY.004
c:\ucto2010\FIRMA3\TRIDY.X04
c:\ucto2010\FIRMA3\TYPDOKL.001
c:\ucto2010\FIRMA3\TYPDOKL.X01
c:\ucto2010\FIRMA3\UKOLY.000
c:\ucto2010\FIRMA3\UKOLY.T00
c:\ucto2010\FIRMA3\UZAV.001
c:\ucto2010\FIRMA3\VYKMAZA.UUU
c:\ucto2010\FIRMA3\VYRIZUJE.002
c:\ucto2010\FIRMA3\VYRIZUJE.X02
c:\ucto2010\FIRMA3\ZAOKFA.006
c:\ucto2010\FIRMA3\ZAOKFA.X06
c:\ucto2010\FIRMA3\ZURNALD.001
c:\ucto2010\FIRMA4\ADRESY.000
c:\ucto2010\FIRMA4\ADRESY.T00
c:\ucto2010\FIRMA4\ADRESY.X00
c:\ucto2010\FIRMA4\ARCHIVD.001
c:\ucto2010\FIRMA4\ARCHIVD.T01
c:\ucto2010\FIRMA4\AUTA.005
c:\ucto2010\FIRMA4\AUTA.T05
c:\ucto2010\FIRMA4\BANKA1.008
c:\ucto2010\FIRMA4\CE_AUTA.006
c:\ucto2010\FIRMA4\CE_AUTA.T06
c:\ucto2010\FIRMA4\CE_TRASY.006
c:\ucto2010\FIRMA4\CEST_FH.006
c:\ucto2010\FIRMA4\CEST_FH.T06
c:\ucto2010\FIRMA4\CEST_FP.006
c:\ucto2010\FIRMA4\CEST_FS.006
c:\ucto2010\FIRMA4\CEST_VH.006
c:\ucto2010\FIRMA4\CEST_VH.T06
c:\ucto2010\FIRMA4\CEST_VP.006
c:\ucto2010\FIRMA4\CEST_VS.006
c:\ucto2010\FIRMA4\CISABS.004
c:\ucto2010\FIRMA4\CISABS.X04
c:\ucto2010\FIRMA4\CISCEST.005
c:\ucto2010\FIRMA4\CISCEST.X05
c:\ucto2010\FIRMA4\CISDOKL.001
c:\ucto2010\FIRMA4\CISDRUH.001
c:\ucto2010\FIRMA4\CISDRUH.X01
c:\ucto2010\FIRMA4\CISPOH.001
c:\ucto2010\FIRMA4\CISPOH.X01
c:\ucto2010\FIRMA4\CISPOZN.000
c:\ucto2010\FIRMA4\CISPOZN.T00
c:\ucto2010\FIRMA4\CIST.000
c:\ucto2010\FIRMA4\CIST.X00
c:\ucto2010\FIRMA4\CISTEXT.001
c:\ucto2010\FIRMA4\CISTXT.006
c:\ucto2010\FIRMA4\CISTXT.X06
c:\ucto2010\FIRMA4\CISUCEL.005
c:\ucto2010\FIRMA4\CISVYKON.001
c:\ucto2010\FIRMA4\CISVYKON.X01
c:\ucto2010\FIRMA4\DENIK.001
c:\ucto2010\FIRMA4\DENIK.T01
c:\ucto2010\FIRMA4\DODL_VH.006
c:\ucto2010\FIRMA4\DODL_VH.T06
c:\ucto2010\FIRMA4\EDIT.000
c:\ucto2010\FIRMA4\EDIT.X00
c:\ucto2010\FIRMA4\EDITPAR.000
c:\ucto2010\FIRMA4\EDITPAR.X00
c:\ucto2010\FIRMA4\FAKT_VH.006
c:\ucto2010\FIRMA4\FAKT_VH.T06
c:\ucto2010\FIRMA4\FINANCE.001
c:\ucto2010\FIRMA4\FINANCE.T01
c:\ucto2010\FIRMA4\JIZDY.005
c:\ucto2010\FIRMA4\JIZDY.T05
c:\ucto2010\FIRMA4\KATEG.004
c:\ucto2010\FIRMA4\KATEG.X04
c:\ucto2010\FIRMA4\OBJE_VH.006
c:\ucto2010\FIRMA4\OBJE_VH.T06
c:\ucto2010\FIRMA4\PAR01A2.001
c:\ucto2010\FIRMA4\PAR01A4.001
c:\ucto2010\FIRMA4\PAR02A2.002
c:\ucto2010\FIRMA4\PAR02A4.002
c:\ucto2010\FIRMA4\PAR03A4.003
c:\ucto2010\FIRMA4\PAR04A2.004
c:\ucto2010\FIRMA4\PAR05A4.005
c:\ucto2010\FIRMA4\PAR06A4.006
c:\ucto2010\FIRMA4\PAR08A2.008
c:\ucto2010\FIRMA4\PAR08A4.008
c:\ucto2010\FIRMA4\PAR09A2.009
c:\ucto2010\FIRMA4\PAR09A2.T09
c:\ucto2010\FIRMA4\PAR09A4.009
c:\ucto2010\FIRMA4\PARAM2.000
c:\ucto2010\FIRMA4\PARAM2.T00
c:\ucto2010\FIRMA4\PARAM4.000
c:\ucto2010\FIRMA4\PARAM4.T00
c:\ucto2010\FIRMA4\PARHB.008
c:\ucto2010\FIRMA4\PARZAS.001
c:\ucto2010\FIRMA4\PHM.005
c:\ucto2010\FIRMA4\PHM.X05
c:\ucto2010\FIRMA4\POHLZAV.001
c:\ucto2010\FIRMA4\POHLZAV.T01
c:\ucto2010\FIRMA4\POJIST.004
c:\ucto2010\FIRMA4\POJIST.X04
c:\ucto2010\FIRMA4\PRACSML.004
c:\ucto2010\FIRMA4\PRACSML.T04
c:\ucto2010\FIRMA4\PROVOZ.005
c:\ucto2010\FIRMA4\PROVOZ.T05
c:\ucto2010\FIRMA4\SHIFTF3.000
c:\ucto2010\FIRMA4\SHIFTF3.X00
c:\ucto2010\FIRMA4\SIL.005
c:\ucto2010\FIRMA4\SIL.T05
c:\ucto2010\FIRMA4\SILDAN.005
c:\ucto2010\FIRMA4\SILDAN.X05
c:\ucto2010\FIRMA4\TRIDY.004
c:\ucto2010\FIRMA4\TRIDY.X04
c:\ucto2010\FIRMA4\TYPDOKL.001
c:\ucto2010\FIRMA4\TYPDOKL.X01
c:\ucto2010\FIRMA4\UCTY.000
c:\ucto2010\FIRMA4\UKOLY.000
c:\ucto2010\FIRMA4\UKOLY.T00
c:\ucto2010\FIRMA4\UZAV.001
c:\ucto2010\FIRMA4\VYKMAZA.UUU
c:\ucto2010\FIRMA4\VYRIZUJE.002
c:\ucto2010\FIRMA4\VYRIZUJE.X02
c:\ucto2010\FIRMA4\ZAOKFA.006
c:\ucto2010\FIRMA4\ZAOKFA.X06
c:\ucto2010\FIRMA4\ZURNALD.001
c:\ucto2010\FIRMA6\ADRESY.000
c:\ucto2010\FIRMA6\ADRESY.T00
c:\ucto2010\FIRMA6\ADRESY.X00
c:\ucto2010\FIRMA6\ARCHIVD.001
c:\ucto2010\FIRMA6\ARCHIVD.T01
c:\ucto2010\FIRMA6\AUTA.005
c:\ucto2010\FIRMA6\AUTA.T05
c:\ucto2010\FIRMA6\BANKA1.008
c:\ucto2010\FIRMA6\CE_AUTA.006
c:\ucto2010\FIRMA6\CE_AUTA.T06
c:\ucto2010\FIRMA6\CE_TRASY.006
c:\ucto2010\FIRMA6\CEST_FH.006
c:\ucto2010\FIRMA6\CEST_FH.T06
c:\ucto2010\FIRMA6\CEST_FH.X06
c:\ucto2010\FIRMA6\CEST_FP.006
c:\ucto2010\FIRMA6\CEST_FS.006
c:\ucto2010\FIRMA6\CEST_VH.006
c:\ucto2010\FIRMA6\CEST_VH.T06
c:\ucto2010\FIRMA6\CEST_VH.X06
c:\ucto2010\FIRMA6\CEST_VP.006
c:\ucto2010\FIRMA6\CEST_VS.006
c:\ucto2010\FIRMA6\CISABS.004
c:\ucto2010\FIRMA6\CISABS.X04
c:\ucto2010\FIRMA6\CISCEST.005
c:\ucto2010\FIRMA6\CISDOKL.001
c:\ucto2010\FIRMA6\CISDRUH.001
c:\ucto2010\FIRMA6\CISDRUH.X01
c:\ucto2010\FIRMA6\CISPOH.001
c:\ucto2010\FIRMA6\CISPOZN.000
c:\ucto2010\FIRMA6\CISPOZN.T00
c:\ucto2010\FIRMA6\CIST.000
c:\ucto2010\FIRMA6\CISTEXT.001
c:\ucto2010\FIRMA6\CISTXT.006
c:\ucto2010\FIRMA6\CISUCEL.005
c:\ucto2010\FIRMA6\CISVYKON.001
c:\ucto2010\FIRMA6\DENIK.001
c:\ucto2010\FIRMA6\DENIK.T01
c:\ucto2010\FIRMA6\DODL_VH.006
c:\ucto2010\FIRMA6\DODL_VH.T06
c:\ucto2010\FIRMA6\DODL_VH.X06
c:\ucto2010\FIRMA6\EDIT.000
c:\ucto2010\FIRMA6\FAKT_VH.006
c:\ucto2010\FIRMA6\FAKT_VH.T06
c:\ucto2010\FIRMA6\FAKT_VH.X06
c:\ucto2010\FIRMA6\JIZDY.005
c:\ucto2010\FIRMA6\JIZDY.T05
c:\ucto2010\FIRMA6\JIZDY.X05
c:\ucto2010\FIRMA6\KATEG.004
c:\ucto2010\FIRMA6\OBJE_VH.006
c:\ucto2010\FIRMA6\OBJE_VH.T06
c:\ucto2010\FIRMA6\OBJE_VH.X06
c:\ucto2010\FIRMA6\PAR01A2.001
c:\ucto2010\FIRMA6\PAR01A4.001
c:\ucto2010\FIRMA6\PAR02A2.002
c:\ucto2010\FIRMA6\PAR02A4.002
c:\ucto2010\FIRMA6\PAR03A4.003
c:\ucto2010\FIRMA6\PAR04A2.004
c:\ucto2010\FIRMA6\PAR05A4.005
c:\ucto2010\FIRMA6\PAR06A4.006
c:\ucto2010\FIRMA6\PAR08A4.008
c:\ucto2010\FIRMA6\PAR09A2.009
c:\ucto2010\FIRMA6\PAR09A2.T09
c:\ucto2010\FIRMA6\PAR09A4.009
c:\ucto2010\FIRMA6\PARAM2.000
c:\ucto2010\FIRMA6\PARAM2.T00
c:\ucto2010\FIRMA6\PARAM4.000
c:\ucto2010\FIRMA6\PARAM4.T00
c:\ucto2010\FIRMA6\PARZAS.001
c:\ucto2010\FIRMA6\PHM.005
c:\ucto2010\FIRMA6\PHM.X05
c:\ucto2010\FIRMA6\POJIST.004
c:\ucto2010\FIRMA6\PRACSML.004
c:\ucto2010\FIRMA6\PRACSML.T04
c:\ucto2010\FIRMA6\PROVOZ.005
c:\ucto2010\FIRMA6\PROVOZ.T05
c:\ucto2010\FIRMA6\SHIFTF3.000
c:\ucto2010\FIRMA6\SILDAN.005
c:\ucto2010\FIRMA6\SILDAN.X05
c:\ucto2010\FIRMA6\TRIDY.004
c:\ucto2010\FIRMA6\TYPDOKL.001
c:\ucto2010\FIRMA6\UKOLY.000
c:\ucto2010\FIRMA6\UKOLY.T00
c:\ucto2010\FIRMA6\UZAV.001
c:\ucto2010\FIRMA6\VYRIZUJE.002
c:\ucto2010\FIRMA6\ZAOKFA.006
c:\ucto2010\FIRMA6\ZURNALD.001
c:\ucto2010\FIRMA8\ADRESY.000
c:\ucto2010\FIRMA8\ADRESY.T00
c:\ucto2010\FIRMA8\ADRESY.X00
c:\ucto2010\FIRMA8\ARCHIVD.001
c:\ucto2010\FIRMA8\ARCHIVD.T01
c:\ucto2010\FIRMA8\BANKA1.008
c:\ucto2010\FIRMA8\CISABS.004
c:\ucto2010\FIRMA8\CISABS.X04
c:\ucto2010\FIRMA8\CISDOKL.001
c:\ucto2010\FIRMA8\CISDRUH.001
c:\ucto2010\FIRMA8\CISDRUH.X01
c:\ucto2010\FIRMA8\CISPOH.001
c:\ucto2010\FIRMA8\CISPOH.X01
c:\ucto2010\FIRMA8\CISPOZN.000
c:\ucto2010\FIRMA8\CISPOZN.T00
c:\ucto2010\FIRMA8\CIST.000
c:\ucto2010\FIRMA8\CIST.X00
c:\ucto2010\FIRMA8\CISTXT.006
c:\ucto2010\FIRMA8\CISTXT.X06
c:\ucto2010\FIRMA8\CISVYKON.001
c:\ucto2010\FIRMA8\CISVYKON.X01
c:\ucto2010\FIRMA8\DENIK.001
c:\ucto2010\FIRMA8\DENIK.T01
c:\ucto2010\FIRMA8\EDIT.000
c:\ucto2010\FIRMA8\EDIT.X00
c:\ucto2010\FIRMA8\EDITPAR.000
c:\ucto2010\FIRMA8\EDITPAR.X00
c:\ucto2010\FIRMA8\FINANCE.001
c:\ucto2010\FIRMA8\FINANCE.T01
c:\ucto2010\FIRMA8\KATEG.004
c:\ucto2010\FIRMA8\KATEG.X04
c:\ucto2010\FIRMA8\PAR01A2.001
c:\ucto2010\FIRMA8\PAR01A4.001
c:\ucto2010\FIRMA8\PAR03A4.003
c:\ucto2010\FIRMA8\PAR06A4.006
c:\ucto2010\FIRMA8\PAR08A2.008
c:\ucto2010\FIRMA8\PAR09A2.009
c:\ucto2010\FIRMA8\PAR09A2.T09
c:\ucto2010\FIRMA8\PAR09A4.009
c:\ucto2010\FIRMA8\PARAM2.000
c:\ucto2010\FIRMA8\PARAM2.T00
c:\ucto2010\FIRMA8\PARAM4.000
c:\ucto2010\FIRMA8\PARAM4.T00
c:\ucto2010\FIRMA8\PARZAS.001
c:\ucto2010\FIRMA8\PRACSML.004
c:\ucto2010\FIRMA8\PRACSML.T04
c:\ucto2010\FIRMA8\TRIDY.004
c:\ucto2010\FIRMA8\TRIDY.X04
c:\ucto2010\FIRMA8\TYPDOKL.001
c:\ucto2010\FIRMA8\TYPDOKL.X01
c:\ucto2010\FIRMA8\UKOLY.000
c:\ucto2010\FIRMA8\UKOLY.T00
c:\ucto2010\FIRMA8\UZAV.001
c:\ucto2010\FIRMA8\VYKMAZA.UUU
c:\ucto2010\FIRMA8\ZAOKFA.006
c:\ucto2010\FIRMA8\ZAOKFA.X06
c:\ucto2010\FIRMA8\ZURNALD.001
c:\ucto2010\FNDFILES.EXE
c:\ucto2010\HEAD602.UUU
c:\ucto2010\HELP.000
c:\ucto2010\HELP.T00
c:\ucto2010\HELP02.000
c:\ucto2010\HELP02.T00
c:\ucto2010\HELP03.000
c:\ucto2010\HELP03.T00
c:\ucto2010\HELP04.000
c:\ucto2010\HELP04.T00
c:\ucto2010\HELP05.000
c:\ucto2010\HELP05.T00
c:\ucto2010\HELP06.000
c:\ucto2010\HELP06.T00
c:\ucto2010\HELP08.000
c:\ucto2010\HELP08.T00
c:\ucto2010\HELP98.000
c:\ucto2010\HELP98.T00
c:\ucto2010\HELP99.000
c:\ucto2010\HELP99.T00
c:\ucto2010\IMPORT.PRO
c:\ucto2010\IMPORT.TRO
c:\ucto2010\INFOHLP.000
c:\ucto2010\INFOHLP.T00
c:\ucto2010\ISSHARE.EXE
c:\ucto2010\KALENDAR.000
c:\ucto2010\KALKDPH.000
c:\ucto2010\KALKPOJP.000
c:\ucto2010\KALKPOJZ.000
c:\ucto2010\KALKPRUM.000
c:\ucto2010\KALKPV08.000
c:\ucto2010\KALKTABD.000
c:\ucto2010\KATEG.UUU
c:\ucto2010\LASTAKT.TXT
c:\ucto2010\LCD1.PAL
c:\ucto2010\LCD2.PAL
c:\ucto2010\LKDOPL1\G.000
c:\ucto2010\LKDOPL1\LKDOPL1.RDB
c:\ucto2010\LKDOPL1\LKDOPL1.TTT
c:\ucto2010\LKDOPL1\LKHELP.000
c:\ucto2010\LKDOPL1\LKHELP.T00
c:\ucto2010\MAKEDIR.BAT
c:\ucto2010\MF5460-1.UUU
c:\ucto2010\MODUL01.PRO
c:\ucto2010\MODUL01.TRO
c:\ucto2010\MODUL02.PRO
c:\ucto2010\MODUL02.TRO
c:\ucto2010\MODUL03.PRO
c:\ucto2010\MODUL03.TRO
c:\ucto2010\MODUL04.PRO
c:\ucto2010\MODUL04.TRO
c:\ucto2010\MODUL05.PRO
c:\ucto2010\MODUL05.TRO
c:\ucto2010\MODUL06.PRO
c:\ucto2010\MODUL06.TRO
c:\ucto2010\MODUL07.PRO
c:\ucto2010\MODUL07.TRO
c:\ucto2010\MODUL08.PRO
c:\ucto2010\MODUL08.TRO
c:\ucto2010\MODUL09.PRO
c:\ucto2010\MODUL09.TRO
c:\ucto2010\MODUL97.PRO
c:\ucto2010\MODUL97.TRO
c:\ucto2010\MODUL98.PRO
c:\ucto2010\MODUL98.TRO
c:\ucto2010\MODUL99.PRO
c:\ucto2010\MODUL99.TRO
c:\ucto2010\MZDYPU.000
c:\ucto2010\NUMKB.EXE
c:\ucto2010\NUMKB3.EXE
c:\ucto2010\OPRAVY.UUU
c:\ucto2010\PGM.CAT
c:\ucto2010\PGM.RDB
c:\ucto2010\PGM.TTT
c:\ucto2010\PRINTER.TXT
c:\ucto2010\RADKY.TXT
c:\ucto2010\RENFILES.BAT
c:\ucto2010\RO.EXE
c:\ucto2010\SEARCHX.EXE
c:\ucto2010\SEST01.PRO
c:\ucto2010\SEST01.TRO
c:\ucto2010\SEST02.PRO
c:\ucto2010\SEST02.TRO
c:\ucto2010\SEST03.PRO
c:\ucto2010\SEST03.TRO
c:\ucto2010\SEST04.PRO
c:\ucto2010\SEST04.TRO
c:\ucto2010\SEST05.PRO
c:\ucto2010\SEST05.TRO
c:\ucto2010\SEST06.PRO
c:\ucto2010\SEST06.TRO
c:\ucto2010\SEST07.PRO
c:\ucto2010\SEST07.TRO
c:\ucto2010\SEST08.PRO
c:\ucto2010\SEST08.TRO
c:\ucto2010\SEST09.PRO
c:\ucto2010\SEST09.TRO
c:\ucto2010\SESTAVY.CAT
c:\ucto2010\SESTAVY.RDB
c:\ucto2010\SESTAVY.TTT
c:\ucto2010\SETDATE.EXE
c:\ucto2010\SETFILES.EXE
c:\ucto2010\SEZNTISK.000
c:\ucto2010\SEZNTISK.T00
c:\ucto2010\SLOVY.000
c:\ucto2010\SLOVY.X00
c:\ucto2010\SPEC01.PRO
c:\ucto2010\SPEC01.TRO
c:\ucto2010\SPEC011.PRO
c:\ucto2010\SPEC011.TRO
c:\ucto2010\SPEC02.PRO
c:\ucto2010\SPEC02.TRO
c:\ucto2010\SPEC03.PRO
c:\ucto2010\SPEC03.TRO
c:\ucto2010\SPEC04.PRO
c:\ucto2010\SPEC04.TRO
c:\ucto2010\SPEC05.PRO
c:\ucto2010\SPEC05.TRO
c:\ucto2010\SPEC06.PRO
c:\ucto2010\SPEC06.TRO
c:\ucto2010\SPEC07.PRO
c:\ucto2010\SPEC07.TRO
c:\ucto2010\SUBDIR.EXE
c:\ucto2010\SUDLICH.EXE
c:\ucto2010\TIPY.000
c:\ucto2010\TIPY.T00
c:\ucto2010\TIPY.X00
c:\ucto2010\TTT.CAT
c:\ucto2010\TTT.RDB
c:\ucto2010\TTT.TTT
c:\ucto2010\TTTNEW.UUU
c:\ucto2010\TXTNARTF.EXE
c:\ucto2010\U.BAT
c:\ucto2010\u10_cd.exe
c:\ucto2010\UCTO.000
c:\ucto2010\UCTO.PAL
c:\ucto2010\UCTO2010.CAT
c:\ucto2010\UCTO2010.ICO
c:\ucto2010\UCTO2010.RDB
c:\ucto2010\UCTO2010.TTT
c:\ucto2010\UCTOINFO.PRO
c:\ucto2010\UCTOINFO.TRO
c:\ucto2010\UCTOL.000
c:\ucto2010\UCTOTXT.UUU
c:\ucto2010\UCTOTXT2.UUU
c:\ucto2010\UCTOTXT3.UUU
c:\ucto2010\UFAND.EXE
c:\ucto2010\UFAND.OVR
c:\ucto2010\UFANDHLP.000
c:\ucto2010\UFANDHLP.T00
c:\ucto2010\UK.BAT
c:\ucto2010\UPG.PRO
c:\ucto2010\UPG.TRO
c:\ucto2010\UPG01.PRO
c:\ucto2010\UPG01.TRO
c:\ucto2010\UPG02.PRO
c:\ucto2010\UPG02.TRO
c:\ucto2010\UPG03.PRO
c:\ucto2010\UPG03.TRO
c:\ucto2010\UPG04.PRO
c:\ucto2010\UPG04.TRO
c:\ucto2010\UPG05.PRO
c:\ucto2010\UPG05.TRO
c:\ucto2010\UPG06.PRO
c:\ucto2010\UPG06.TRO
c:\ucto2010\UPG07.PRO
c:\ucto2010\UPG07.TRO
c:\ucto2010\UPG08.PRO
c:\ucto2010\UPG08.TRO
c:\ucto2010\UPG09.PRO
c:\ucto2010\UPG09.TRO
c:\ucto2010\UPG97.PRO
c:\ucto2010\UPG97.TRO
c:\ucto2010\UPG99.PRO
c:\ucto2010\UPG99.TRO
c:\ucto2010\UPGPAR.000
c:\ucto2010\VEDLCIN.UUU
c:\ucto2010\VERZE.UUU
c:\ucto2010\VYBERTXT.EXE
c:\ucto2010\VZORTISK.000
c:\ucto2010\zaloha\cti.mne
c:\ucto2010\zaloha\LKDOPL1\G.000
c:\ucto2010\zaloha\LKDOPL1\LKDOPL1.RDB
c:\ucto2010\zaloha\LKDOPL1\LKDOPL1.TTT
c:\ucto2010\zaloha\LKDOPL1\LKHELP.000
c:\ucto2010\zaloha\LKDOPL1\LKHELP.T00
c:\ucto2010\zaloha\SPEC01.PRO
c:\ucto2010\zaloha\Spec01.tro
c:\ucto2010\ZASTUPCE.CAT
c:\ucto2010\ZASTUPCE.INI
c:\ucto2010\ZASTUPCE.RDB
c:\ucto2010\ZASTUPCE.TTT
c:\ucto2010\ZETROZET.PAL
c:\ucto2010\ZZZ.BAT
c:\windows\$NtUninstallKB63231$
c:\windows\$NtUninstallKB63231$\4126768978
c:\windows\$NtUninstallKB63231$\875938506\@
c:\windows\$NtUninstallKB63231$\875938506\bckfg.tmp
c:\windows\$NtUninstallKB63231$\875938506\cfg.ini
c:\windows\$NtUninstallKB63231$\875938506\Desktop.ini
c:\windows\$NtUninstallKB63231$\875938506\keywords
c:\windows\$NtUninstallKB63231$\875938506\kwrd.dll
c:\windows\$NtUninstallKB63231$\875938506\L\ocxrgwsl
c:\windows\$NtUninstallKB63231$\875938506\U\00000001.@
c:\windows\$NtUninstallKB63231$\875938506\U\00000002.@
c:\windows\$NtUninstallKB63231$\875938506\U\00000004.@
c:\windows\$NtUninstallKB63231$\875938506\U\80000000.@
c:\windows\$NtUninstallKB63231$\875938506\U\80000004.@
c:\windows\$NtUninstallKB63231$\875938506\U\80000032.@
c:\windows\system32\SET9EFE.tmp
c:\windows\system32\SET9F03.tmp
c:\windows\system32\SETAC.tmp
c:\windows\system32\SETAE.tmp
c:\windows\system32\SETBD.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_PCSUSERVICE
-------\Service_PCSUService
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-15 do 2014-05-15 )))))))))))))))))))))))))))))))
.
.
2014-05-14 18:44 . 2014-05-14 18:44 -------- d-----w- C:\Viry
2014-05-14 13:36 . 2014-05-14 13:41 -------- d-----w- C:\Sapi
2014-05-12 22:41 . 2014-05-12 22:43 -------- d-----w- c:\documents and settings\Patrik Netroufal\Data aplikací\Seznam.cz
2014-05-08 13:48 . 2014-05-08 13:48 227704 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2014-05-01 17:53 . 2014-05-01 17:53 -------- d-----w- c:\windows\system32\wbem\Repository
2014-04-23 17:56 . 2014-04-27 13:28 -------- d-----w- C:\RavoRife
2014-04-23 16:59 . 2013-07-25 11:32 65896 ----a-w- c:\windows\system32\drivers\ftdibus.sys
2014-04-23 16:59 . 2013-07-25 11:32 219496 ----a-w- c:\windows\system32\ftd2xx.dll
2014-04-23 16:59 . 2013-07-25 11:32 201576 ----a-w- c:\windows\system32\FTLang.dll
2014-04-23 16:59 . 2013-07-25 11:32 105832 ----a-w- c:\windows\system32\ftbusui.dll
2014-04-16 19:17 . 2014-03-17 19:42 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-04-16 19:16 . 2014-03-17 20:11 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-08 12:11 . 2013-12-03 08:02 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-08 12:11 . 2013-12-03 08:02 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 21:05 . 2014-03-12 21:05 157696 ----a-w- c:\windows\system\STORAGE.DLL
2014-03-06 17:58 . 2004-08-18 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2014-03-06 17:58 . 2004-08-18 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2014-03-06 17:58 . 2004-08-18 12:00 18944 ----a-w- c:\windows\system32\corpol.dll
2014-03-06 17:58 . 2004-08-18 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2014-03-06 00:46 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2014-02-26 23:28 . 2014-03-31 17:41 13312 ------w- c:\windows\system32\xp_eos.exe
2013-05-22 15:41 . 2013-05-22 15:41 33546240 ----a-w- c:\program files\GUT61.tmp
2013-04-29 09:44 . 2014-03-01 10:24 6058496 ----a-w- c:\program files\QuickMark.msi
2013-04-26 21:40 . 2013-04-26 21:40 10285040 ----a-w- c:\program files\mbam-setup.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PMCRemote"="c:\program files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [2008-11-18 226576]
"PMCLoader"="c:\program files\Pinnacle\TVCenter Pro\PMCLoader.exe" [2008-12-16 644368]
"HDDHealth"="c:\program files\HDD Health\HDDHealth.exe" [2008-06-15 1692672]
"cz.seznam.software.szndesktop"="c:\documents and settings\Masek\Data aplikací\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
"cz.seznam.software.autoupdate"="c:\documents and settings\Masek\Data aplikací\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Share-to-Web Namespace Daemon"="c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2001-07-03 57344]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5110672]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Jiří\Nabídka Start\Programy\Po spuštění\
Svátky a narozeniny.lnk - c:\program files\Svátky a narozeniny\SaN.exe [2009-10-25 693760]
.
c:\documents and settings\Masek\Nabídka Start\Programy\Po spuštění\
Svátky a narozeniny.lnk - c:\program files\Svátky a narozeniny\SaN.exe [2009-10-25 693760]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Pinnacle Streaming Server.lnk - c:\program files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe /Start [2008-3-25 603408]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52 1695232 --sh--w- c:\program files\Messenger\msmsgs.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Documents and Settings\\Masek\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [8.10.2012 9:21 134248]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [12.9.2013 13:06 1337752]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [12.10.2009 22:29 14976]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [5.6.2013 9:08 22856]
R3 PinnacleRoyalTS;Pinnacle Systems RoyalTS Device;c:\windows\system32\drivers\RoyalTS.sys [10.3.2010 20:24 123520]
S2 Freemake Improver;Freemake Improver;c:\documents and settings\All Users\Data aplikací\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [31.3.2014 15:40 108032]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [5.6.2013 9:08 701512]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [23.10.2013 9:15 172192]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [23.12.2010 15:37 137600]
S3 pctvvbi;PCTVVBI;c:\windows\system32\drivers\pctvvbi.sys [11.1.2005 17:43 6400]
.
Obsah adresáře 'Naplánované úlohy'
.
2014-05-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-03 12:11]
.
2014-05-08 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-31 23:28]
.
2014-05-15 c:\windows\Tasks\PC SpeedUp Service Deactivator.job
- c:\program files\Zrychleni Pocitace\PCSUSD.exe [2014-03-02 08:02]
.
2014-05-15 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-31 23:28]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://atlas.centrum.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - (no file)
HKCU-Run-OEXPRESS - (no file)
SafeBoot-92288165.sys
AddRemove-{79A765E1-C399-405B-85AF-466F52E918B0} - c:\program files\Ask.com\Updater\Updater.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-05-15 19:14
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
user != kernel MBR !!!
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(940)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3420)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\CTSvcCDA.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\progra~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
c:\program files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2014-05-15 19:18:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-05-15 17:18
.
Před spuštěním: Volných bajtů: 66 028 298 240
Po spuštění: Volných bajtů: 66 427 654 144
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 6B94F483A1ECFA2E587E4C3C426E307F
413FC2A0C716421B3158746D63736515


I am also attaching the result from ESET:

Protokol o kontrole
Verze virové databáze: 9804 (20140515)
Datum: 15.5.2014 Čas: 19:25:54
Testované disky, adresáře a soubory: Operační paměť;Boot sektor
Počet zkontrolovaných objektů: 341
Počet nalezených hrozeb: 0
Čas ukončení: 19:25:54 Celkový čas diagnostiky: 0 sek (00:00:00)

It looks relatively good, I think; the PC starts up much better.
ComboFix restarted about three times and in between displayed this message
(I did not manage to copy all of it, though):
You are infected with rootkit. Zeroaccess! It has inserted
it self into the TCP/IP stack if it's not fixed run combofix one
more time. :o

Rudy
Site Admin
Posts: 119541
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Sirefef trojan horse

#4 Post by Rudy »

Open Notepad and copy the following into it:
KillAll::

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.

You really do have that rootkit there. After this step we will go after it, but with a different utility.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

e_mysak
Visitor
Posts: 20
Registered: 19 Nov 2011 19:38

Re: Sirefef trojan horse

#5 Post by e_mysak »

This time ComboFix was calmer, but when it finished with a restart, the PC refused to boot and came up only in safe mode. ComboFix created a log. It gave me a real fright :x I was already expecting the worst. I switched the PC off and started it again, and surprisingly everything came up :?: Here is the log:

ComboFix 14-05-13.01 - Masek 15.05.2014 23:01:24.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1525 [GMT 2:00]
Spuštěný z: c:\documents and settings\Masek\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Masek\Plocha\CFScript.txt
AV: ESET Smart Security 7.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personální firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-15 do 2014-05-15 )))))))))))))))))))))))))))))))
.
.
2014-05-14 18:44 . 2014-05-14 18:44 -------- d-----w- C:\Viry
2014-05-14 13:36 . 2014-05-14 13:41 -------- d-----w- C:\Sapi
2014-05-12 22:41 . 2014-05-12 22:43 -------- d-----w- c:\documents and settings\Patrik Netroufal\Data aplikací\Seznam.cz
2014-05-08 13:48 . 2014-05-08 13:48 227704 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2014-05-01 17:53 . 2014-05-01 17:53 -------- d-----w- c:\windows\system32\wbem\Repository
2014-04-23 17:56 . 2014-04-27 13:28 -------- d-----w- C:\RavoRife
2014-04-23 16:59 . 2013-07-25 11:32 65896 ----a-w- c:\windows\system32\drivers\ftdibus.sys
2014-04-23 16:59 . 2013-07-25 11:32 219496 ----a-w- c:\windows\system32\ftd2xx.dll
2014-04-23 16:59 . 2013-07-25 11:32 201576 ----a-w- c:\windows\system32\FTLang.dll
2014-04-23 16:59 . 2013-07-25 11:32 105832 ----a-w- c:\windows\system32\ftbusui.dll
2014-04-16 19:17 . 2014-03-17 19:42 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-04-16 19:16 . 2014-03-17 20:11 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-08 12:11 . 2013-12-03 08:02 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-08 12:11 . 2013-12-03 08:02 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 21:05 . 2014-03-12 21:05 157696 ----a-w- c:\windows\system\STORAGE.DLL
2014-03-06 17:58 . 2004-08-18 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2014-03-06 17:58 . 2004-08-18 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2014-03-06 17:58 . 2004-08-18 12:00 18944 ----a-w- c:\windows\system32\corpol.dll
2014-03-06 17:58 . 2004-08-18 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2014-03-06 00:46 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2014-02-26 23:28 . 2014-03-31 17:41 13312 ------w- c:\windows\system32\xp_eos.exe
2013-05-22 15:41 . 2013-05-22 15:41 33546240 ----a-w- c:\program files\GUT61.tmp
2013-04-29 09:44 . 2014-03-01 10:24 6058496 ----a-w- c:\program files\QuickMark.msi
2013-04-26 21:40 . 2013-04-26 21:40 10285040 ----a-w- c:\program files\mbam-setup.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PMCRemote"="c:\program files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [2008-11-18 226576]
"PMCLoader"="c:\program files\Pinnacle\TVCenter Pro\PMCLoader.exe" [2008-12-16 644368]
"HDDHealth"="c:\program files\HDD Health\HDDHealth.exe" [2008-06-15 1692672]
"cz.seznam.software.szndesktop"="c:\documents and settings\Masek\Data aplikací\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
"cz.seznam.software.autoupdate"="c:\documents and settings\Masek\Data aplikací\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Share-to-Web Namespace Daemon"="c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2001-07-03 57344]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5110672]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Jiří\Nabídka Start\Programy\Po spuštění\
Svátky a narozeniny.lnk - c:\program files\Svátky a narozeniny\SaN.exe [2009-10-25 693760]
.
c:\documents and settings\Masek\Nabídka Start\Programy\Po spuštění\
Svátky a narozeniny.lnk - c:\program files\Svátky a narozeniny\SaN.exe [2009-10-25 693760]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Pinnacle Streaming Server.lnk - c:\program files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe /Start [2008-3-25 603408]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52 1695232 --sh--w- c:\program files\Messenger\msmsgs.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Documents and Settings\\Masek\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
S1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [8.10.2012 9:21 134248]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [12.9.2013 13:06 1337752]
S2 Freemake Improver;Freemake Improver;c:\documents and settings\All Users\Data aplikací\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [31.3.2014 15:40 108032]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [5.6.2013 9:08 701512]
S2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [12.10.2009 22:29 14976]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [23.10.2013 9:15 172192]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [5.6.2013 9:08 22856]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [23.12.2010 15:37 137600]
S3 pctvvbi;PCTVVBI;c:\windows\system32\drivers\pctvvbi.sys [11.1.2005 17:43 6400]
S3 PinnacleRoyalTS;Pinnacle Systems RoyalTS Device;c:\windows\system32\drivers\RoyalTS.sys [10.3.2010 20:24 123520]
.
Obsah adresáře 'Naplánované úlohy'
.
2014-05-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-03 12:11]
.
2014-05-08 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-31 23:28]
.
2014-05-15 c:\windows\Tasks\PC SpeedUp Service Deactivator.job
- c:\program files\Zrychleni Pocitace\PCSUSD.exe [2014-03-02 08:02]
.
2014-05-15 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-31 23:28]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://atlas.centrum.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath -
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-05-15 23:14
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(208)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1840)
c:\progra~1\WINDOW~2\wmpband.dll
.
Celkový čas: 2014-05-15 23:18:16 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-05-15 21:18
ComboFix2.txt 2014-05-15 17:18
.
Před spuštěním: Volných bajtů: 66 564 542 464
Po spuštění: Volných bajtů: 68 695 699 456
.
- - End Of File - - 7DEE4F49B709F76652C56AE580D8D250
413FC2A0C716421B3158746D63736515

Rudy
Site Admin
Posts: 119541
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Sirefef trojan horse

#6 Post by Rudy »

The log is OK now. Uninstall CF using T-Cleaner: http://vyosek.tym.cz/pro_usery/T-Cleaner.exe .

Next, download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

Click the Change parameters option
In the Additional Option window, tick all the options
Click OK
Tell the utility to scan - click Start Scan
When the scan finishes, a window will appear; check that the Skip option is set everywhere
If the Skip option is not set by default, switch it to Skip
Once Skip is set everywhere, click Continue
On the drive where Windows is installed (usually c:\) there will be a log named in the form TDSSKiller.some numbers _log.txt - paste its contents here

e_mysak
Visitor
Posts: 20
Registered: 19 Nov 2011 19:38

Re: Sirefef trojan horse

#7 Post by e_mysak »

I cleaned up and made a log from TDSSKiller, here it is; it finished rather quickly, though :?:

18:21:39.0687 0x0ad0 TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
18:21:55.0375 0x0ad0 ============================================================
18:21:55.0375 0x0ad0 Current date / time: 2014/05/16 18:21:55.0375
18:21:55.0375 0x0ad0 SystemInfo:
18:21:55.0375 0x0ad0
18:21:55.0375 0x0ad0 OS Version: 5.1.2600 ServicePack: 3.0
18:21:55.0375 0x0ad0 Product type: Workstation
18:21:55.0375 0x0ad0 ComputerName: PC-MASEK
18:21:55.0375 0x0ad0 UserName: Jiří
18:21:55.0375 0x0ad0 Windows directory: C:\WINDOWS
18:21:55.0375 0x0ad0 System windows directory: C:\WINDOWS
18:21:55.0375 0x0ad0 Processor architecture: Intel x86
18:21:55.0375 0x0ad0 Number of processors: 1
18:21:55.0375 0x0ad0 Page size: 0x1000
18:21:55.0375 0x0ad0 Boot type: Normal boot
18:21:55.0375 0x0ad0 ============================================================
18:21:55.0656 0x0ad0 KLMD registered as C:\WINDOWS\system32\drivers\79951023.sys
18:21:56.0109 0x0ad0 System UUID: {A54841BE-CF9B-F930-B85F-537D6B4DC4FF}
18:21:57.0453 0x0ad0 Drive \Device\Harddisk0\DR0 - Size: 0x262AE80000 (152.67 Gb), SectorSize: 0x200, Cylinders: 0x4DD9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:21:57.0468 0x0ad0 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:21:57.0515 0x0ad0 Drive \Device\Harddisk2\DR4 - Size: 0x3A8400000 (14.63 Gb), SectorSize: 0x200, Cylinders: 0x775, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:21:57.0515 0x0ad0 ============================================================
18:21:57.0515 0x0ad0 \Device\Harddisk0\DR0:
18:21:57.0515 0x0ad0 MBR partitions:
18:21:57.0515 0x0ad0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1314FF99
18:21:57.0515 0x0ad0 \Device\Harddisk1\DR1:
18:21:57.0515 0x0ad0 MBR partitions:
18:21:57.0515 0x0ad0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
18:21:57.0515 0x0ad0 \Device\Harddisk2\DR4:
18:21:57.0515 0x0ad0 MBR partitions:
18:21:57.0515 0x0ad0 \Device\Harddisk2\DR4\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x1D40000
18:21:57.0515 0x0ad0 ============================================================
18:21:57.0546 0x0ad0 C: <-> \Device\Harddisk0\DR0\Partition1
18:21:57.0578 0x0ad0 D: <-> \Device\Harddisk1\DR1\Partition1
18:21:57.0578 0x0ad0 ============================================================
18:21:57.0578 0x0ad0 Initialize success
18:21:57.0578 0x0ad0 ============================================================
18:22:54.0109 0x02e4 ============================================================
18:22:54.0109 0x02e4 Scan started
18:22:54.0109 0x02e4 Mode: Manual; SigCheck; TDLFS;
18:22:54.0109 0x02e4 ============================================================
18:22:54.0109 0x02e4 KSN ping started
18:22:54.0265 0x02e4 KSN ping finished: true
18:22:54.0546 0x02e4 ================ Scan system memory ========================
18:22:54.0546 0x02e4 System memory - ok
18:22:54.0546 0x02e4 ================ Scan services =============================
18:22:54.0703 0x02e4 Abiosdsk - ok
18:22:54.0718 0x02e4 abp480n5 - ok
18:22:54.0765 0x02e4 [ 4FE34F1F3126B61FCC6B2043AA8112C9, DE370865E47A5D2A4B227EEFFB42384F67F08D622BF936A9C9CEF70CC47F324B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:22:55.0828 0x02e4 ACPI - ok
18:22:55.0937 0x02e4 [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
18:22:56.0109 0x02e4 ACPIEC - ok
18:22:56.0203 0x02e4 [ 7C7E868E1D8096ED08D80FF7712BB9D8, EB4438F3CC377728173E018A763F0D0A8D5BBA4A289F554036D06B24030D2D62 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:22:56.0234 0x02e4 AdobeFlashPlayerUpdateSvc - ok
18:22:56.0250 0x02e4 adpu160m - ok
18:22:56.0296 0x02e4 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
18:22:56.0468 0x02e4 aec - ok
18:22:56.0515 0x02e4 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
18:22:56.0578 0x02e4 AFD - ok
18:23:24.0468 0x02e4 RasPppoe - ok
18:23:24.0484 0x02e4 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
18:23:24.0625 0x02e4 Raspti - ok
18:23:24.0671 0x02e4 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:23:24.0828 0x02e4 Rdbss - ok
18:23:24.0859 0x02e4 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:23:25.0000 0x02e4 RDPCDD - ok
18:23:25.0062 0x02e4 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
18:23:25.0156 0x02e4 RDPWD - ok
18:23:25.0203 0x02e4 [ C0D9D9711CB74EE9BC66353D8CBDAB0E, F1AF9A26910707E76BF213D8DE5C902B0088D8A29EBDFF72DE6A4D867E298CC8 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
18:23:25.0328 0x02e4 RDSessMgr - ok
18:23:25.0359 0x02e4 [ 611BFD220305BE3A85AE876EA47D4AA5, FDF87878EB3886649025E5A12F1C3FC9072D66CCD3217944710085C1F8A4512E ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
18:23:25.0500 0x02e4 redbook - ok
18:23:25.0546 0x02e4 [ 127C26B5371651043450E52542099ABA, 98AADAD8D5211CB894AA7C59B6299861B1F44B6D8F46AB5837E7D2F5B615B14A ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:23:25.0687 0x02e4 RemoteAccess - ok
18:23:25.0718 0x02e4 [ 718B3BDC0BC3C2F7D065A53D26202AF9, 9E58243628F1E1396AB82A80D046FF50803A230EE07B007E0CA5D744C77B091A ] RpcLocator C:\WINDOWS\system32\locator.exe
18:23:25.0859 0x02e4 RpcLocator - ok
18:23:25.0906 0x02e4 [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] RpcSs C:\WINDOWS\System32\rpcss.dll
18:23:25.0937 0x02e4 RpcSs - ok
18:23:25.0984 0x02e4 [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\system32\rsvp.exe
18:23:26.0125 0x02e4 RSVP - ok
18:23:26.0140 0x02e4 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] SamSs C:\WINDOWS\system32\lsass.exe
18:23:26.0265 0x02e4 SamSs - ok
18:23:26.0312 0x02e4 [ 729248B54AFF21E740054ACEBFDBCB1C, 1C901500A2BD23590217525DD280EA1AA870545CED7749DC677F5ABE1E767C27 ] SBKUPNT C:\WINDOWS\system32\Drivers\SBKUPNT.SYS
18:23:26.0312 0x02e4 SBKUPNT - detected UnsignedFile.Multi.Generic ( 1 )
18:23:26.0484 0x02e4 Detect skipped due to KSN trusted
18:23:26.0484 0x02e4 SBKUPNT - ok
18:23:26.0562 0x02e4 [ 4939D6F53EC3A18674DEBA8532F193CA, B9618B76A943C4CBF1CB9DDA787A66D6322109D08583C2A738FDD84E0A9B1470 ] sbpci C:\WINDOWS\system32\drivers\sbpci.sys
18:23:26.0687 0x02e4 sbpci - ok
18:23:26.0718 0x02e4 [ 410046E401EB11E1E6749E9DEEA41D4A, 9507268ACD24EF51E994DC418E8EB3E10DEDE61EE892226A22A5DA7662397E25 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
18:23:26.0843 0x02e4 SCardSvr - ok
18:23:26.0906 0x02e4 [ 3FF232A7731621B8902D81D42418C93C, 2030C9A843D9555170179883BD4CC1E978D5FC5EC0D7FCA56518224E428BE421 ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:23:27.0046 0x02e4 Schedule - ok
18:23:27.0093 0x02e4 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:23:27.0187 0x02e4 Secdrv - ok
18:23:27.0218 0x02e4 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6, 82EEB2345AC19050FAB202DE76C2CDD93E753F5AB67789A86A1726D3040C02E5 ] seclogon C:\WINDOWS\System32\seclogon.dll
18:23:27.0359 0x02e4 seclogon - ok
18:23:27.0406 0x02e4 [ A530B75C10C23C9AB28FDB6CE719E21F, 14568DF6457758E2F534A46A8E6245C364895C3993BEF2B5A889B98DBB201A27 ] SENS C:\WINDOWS\system32\sens.dll
18:23:27.0546 0x02e4 SENS - ok
18:23:27.0578 0x02e4 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
18:23:27.0734 0x02e4 serenum - ok
18:23:27.0750 0x02e4 [ B842729337C9B921615C40D3C1A1AF96, 503670A56423B996C6ED6AE95F07FB88910767C4A2041A4BE9070C57A016E7FA ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
18:23:27.0890 0x02e4 Serial - ok
18:23:27.0968 0x02e4 [ 462AEE0EA0481EA8BD45CAC876A4CCC4, C26AF130C2FB4234B6AA5EE979DEFDFAC38EA038D6046495196F8DF62DEE4120 ] sfhlp01 C:\WINDOWS\system32\drivers\sfhlp01.sys
18:23:27.0968 0x02e4 sfhlp01 - detected UnsignedFile.Multi.Generic ( 1 )
18:23:28.0156 0x02e4 Detect skipped due to KSN trusted
18:23:28.0156 0x02e4 sfhlp01 - ok
18:23:28.0171 0x02e4 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
18:23:28.0296 0x02e4 Sfloppy - ok
18:23:28.0359 0x02e4 [ F58FACA9621D2DB01BD0927D9A0A208E, 239C87E09261BC9D1DBE99DABCFC4787D42289E8769563A5EFB323BE6F177C9A ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
18:23:28.0562 0x02e4 SharedAccess - ok
18:23:28.0593 0x02e4 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:23:28.0609 0x02e4 ShellHWDetection - ok
18:23:28.0625 0x02e4 Simbad - ok
18:23:28.0671 0x02e4 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
18:23:28.0703 0x02e4 SkypeUpdate - ok
18:23:28.0734 0x02e4 [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:23:28.0890 0x02e4 SLIP - ok
18:23:28.0906 0x02e4 Sparrow - ok
18:23:28.0953 0x02e4 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
18:23:29.0093 0x02e4 splitter - ok
18:23:29.0125 0x02e4 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
18:23:29.0171 0x02e4 Spooler - ok
18:23:29.0187 0x02e4 [ 94610C8653635E4459316A0050D55CE7, D148D33B3D2B0757060531C526F2161504A8D7C4E5957D092C7EBDB007271339 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
18:23:29.0281 0x02e4 sr - ok
18:23:29.0328 0x02e4 [ 35B91147124F64AC8081A2EDB9EA4DEE, 1609D19156DAC6EE3C2D2350B062966B64D9CDC289E9B8FEB6D244AAEBE90BBF ] srservice C:\WINDOWS\system32\srsvc.dll
18:23:29.0421 0x02e4 srservice - ok
18:23:29.0468 0x02e4 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
18:23:29.0562 0x02e4 Srv - ok
18:23:29.0609 0x02e4 [ BECD5271DC4E3B7C3D035F790FCBC1E5, D63B9DB81332553C963EC5057D241CE2287AF652387333C1FD79AF8C9B5F2BA7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
18:23:29.0687 0x02e4 SSDPSRV - ok
18:23:29.0765 0x02e4 [ C1CDD9275F6A115BB0AE1D55D8D27BA6, CD0511FD7F6AD832CBEB931C605AB3AD217631C57399CB8033248D27619541E4 ] stisvc C:\WINDOWS\system32\wiaservc.dll
18:23:29.0921 0x02e4 stisvc - ok
18:23:29.0968 0x02e4 [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:23:30.0093 0x02e4 streamip - ok
18:23:30.0125 0x02e4 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
18:23:30.0265 0x02e4 swenum - ok
18:23:30.0281 0x02e4 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
18:23:30.0421 0x02e4 swmidi - ok
18:23:30.0421 0x02e4 SwPrv - ok
18:23:30.0437 0x02e4 symc810 - ok
18:23:30.0453 0x02e4 symc8xx - ok
18:23:30.0468 0x02e4 sym_hi - ok
18:23:30.0484 0x02e4 sym_u3 - ok
18:23:30.0531 0x02e4 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
18:23:30.0671 0x02e4 sysaudio - ok
18:23:30.0687 0x02e4 [ CE06F01B88ACE199A1BF460CAC29C110, 3CD89E5B8E53203287D889C107E4795225742DB6C6ACA2DC0611BD9728382A27 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
18:23:30.0828 0x02e4 SysmonLog - ok
18:23:30.0875 0x02e4 [ C2546CD7A398476F9DF5614B2AE160E8, 11C8435BA983553E9C0806494E9B3C7080515C0375B0604F029D89B50726161A ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
18:23:31.0031 0x02e4 TapiSrv - ok
18:23:31.0093 0x02e4 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:23:31.0187 0x02e4 Tcpip - ok
18:23:31.0234 0x02e4 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
18:23:31.0375 0x02e4 TDPIPE - ok
18:23:31.0406 0x02e4 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
18:23:31.0562 0x02e4 TDTCP - ok
18:23:31.0578 0x02e4 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
18:23:31.0718 0x02e4 TermDD - ok
18:23:31.0796 0x02e4 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E, 3D2B1D899061448EAD993CDE97D1EF50DD64728E9F44D80FEAE591198A937653 ] TermService C:\WINDOWS\System32\termsrv.dll
18:23:31.0937 0x02e4 TermService - ok
18:23:31.0968 0x02e4 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] Themes C:\WINDOWS\System32\shsvcs.dll
18:23:31.0984 0x02e4 Themes - ok
18:23:32.0015 0x02e4 TosIde - ok
18:23:32.0062 0x02e4 [ 38853304CCB938D30E0C4CDE8D2C2A8A, 966E7BCC9F63A1A7777F8A12E51C2A91EC688CE96109943ADC4CB4EB58DC34A6 ] TrkWks C:\WINDOWS\system32\trkwks.dll
18:23:32.0187 0x02e4 TrkWks - ok
18:23:32.0234 0x02e4 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
18:23:32.0375 0x02e4 Udfs - ok
18:23:32.0375 0x02e4 ultra - ok
18:23:32.0437 0x02e4 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
18:23:32.0640 0x02e4 Update - ok
18:23:32.0687 0x02e4 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E, AF7662BCA0819F82CE5EE0863E47149CC127DE664CB3DC6359B63FBD71DB54F8 ] upnphost C:\WINDOWS\System32\upnphost.dll
18:23:32.0765 0x02e4 upnphost - ok
18:23:32.0828 0x02e4 [ 20A0F6A11959E92908717D09E87D670D, 3DD6C99AB0F70FAA43DF470B30078B8A51B8AF735CD5C50DBB195FEA70F4C36E ] UPS C:\WINDOWS\System32\ups.exe
18:23:32.0968 0x02e4 UPS - ok
18:23:33.0015 0x02e4 [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
18:23:33.0078 0x02e4 usbaudio - ok
18:23:33.0125 0x02e4 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:23:33.0187 0x02e4 usbccgp - ok
18:23:33.0218 0x02e4 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:23:33.0250 0x02e4 usbehci - ok
18:23:33.0281 0x02e4 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:23:33.0406 0x02e4 usbhub - ok
18:23:33.0437 0x02e4 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:23:33.0578 0x02e4 usbprint - ok
18:23:33.0609 0x02e4 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:23:33.0640 0x02e4 usbscan - ok
18:23:33.0671 0x02e4 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:23:33.0812 0x02e4 USBSTOR - ok
18:23:33.0843 0x02e4 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:23:33.0984 0x02e4 usbuhci - ok
18:23:34.0015 0x02e4 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
18:23:34.0140 0x02e4 VgaSave - ok
18:23:34.0140 0x02e4 ViaIde - ok
18:23:34.0203 0x02e4 [ 1B7B0954AF54E716F697C511D68C150E, ED2F64A412EC0C0486E7340F0E100EFCA6D32D77DA97C5D088F3A518FB03EA98 ] viamraid C:\WINDOWS\system32\DRIVERS\viamraid.sys
18:23:34.0281 0x02e4 viamraid - ok
18:23:34.0312 0x02e4 [ 28A4B296B47782173C346E376CB374D1, FE799FE4A41752A2B47027EA88214BF3E39B317302939F4A2D0F2A4EFAAC2F13 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
18:23:34.0453 0x02e4 VolSnap - ok
18:23:34.0484 0x02e4 [ D6BA1A63D9E00933F1CD2A885573AFB2, 36311A060635CEC1DBB6D8A746B8A4D007706EAE97D51A5E12F9958AB16BE486 ] VSS C:\WINDOWS\System32\vssvc.exe
18:23:34.0578 0x02e4 VSS - ok
18:23:34.0718 0x02e4 [ F4FAB0B9D43A65F79FC838C94006F643, D8FBD317ABEBD3B2548B82FA62783FBC78F273427B1EE86BA49575E54789BD39 ] VX1000 C:\WINDOWS\system32\DRIVERS\VX1000.sys
18:23:34.0828 0x02e4 VX1000 - ok
18:23:34.0890 0x02e4 [ FA4E1CDBA256787F2149F4AAD07BC91F, 1B5FC5248335D70094D04501AA2C30F54782B58FF8D573BE8E784A21529C7CAF ] W32Time C:\WINDOWS\system32\w32time.dll
18:23:35.0031 0x02e4 W32Time - ok
18:23:35.0062 0x02e4 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:23:35.0187 0x02e4 Wanarp - ok
18:23:35.0265 0x02e4 [ D918617B46457B9AC28027722E30F647, 407284D3055DC11944D4EE7E4357E7CF9CAF8CA40CA50633AB6FD4A82CB7EEA6 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
18:23:35.0312 0x02e4 Wdf01000 - ok
18:23:35.0328 0x02e4 WDICA - ok
18:23:35.0359 0x02e4 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
18:23:35.0500 0x02e4 wdmaud - ok
18:23:35.0531 0x02e4 [ 47AE51048A82DFA1CD6B51D369F7E169, 742F2162B8BDE00D83715093EA9743338964597ED22648B9F4F139D7278235A4 ] WebClient C:\WINDOWS\System32\webclnt.dll
18:23:35.0656 0x02e4 WebClient - ok
18:23:35.0750 0x02e4 [ E488332126E3B1182D2B8A0C35408EC6, F9F60911DF0A539753B2BEF6FAD2D0AED1BC1C3F43509F79D9AF2F810CDE5D9B ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:23:35.0890 0x02e4 winmgmt - ok
18:23:35.0953 0x02e4 [ 051B1BDECD6DEE18C771B5D5EC7F044D, E9D4870C7E4E6119B274CF788D564BE9C48EA63790F5D6A2E987EB6DF7C93200 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
18:23:36.0015 0x02e4 WmdmPmSN - ok
18:23:36.0062 0x02e4 [ 23F6F03272F7E5679F1F050AED5ACEE6, 87EBE773F3E8FFE2F1E1DB435BB0E8852031AA88112EB791085AD3DA918B49CC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:23:36.0203 0x02e4 WmiApSrv - ok
18:23:36.0328 0x02e4 [ 0DCC3A79329F0FDE9B1B5283CACD3F50, 9A8B24C8B6F044B8BD2EDDCC0BA07F50BC806F092DAA86D10D26052FB8A601EA ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
18:23:36.0453 0x02e4 WMPNetworkSvc - ok
18:23:36.0500 0x02e4 [ C60DC16D4E406810FAD54B98DC92D5EC, 43E7DF323BBD7C889CAD078176E239319A40EE4BEBC7BD753012B94CF5E48551 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
18:23:36.0515 0x02e4 WpdUsb - ok
18:23:36.0625 0x02e4 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:23:36.0687 0x02e4 WPFFontCache_v0400 - ok
18:23:36.0734 0x02e4 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:23:36.0859 0x02e4 WS2IFSL - ok
18:23:36.0906 0x02e4 [ 4C86D5FAF78194995AF9CC1075F65DD3, D3B23BB0971E0DBC0A51720067489C224323B603178E91149BF56F779DE352F0 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
18:23:37.0046 0x02e4 wscsvc - ok
18:23:37.0078 0x02e4 [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:23:37.0218 0x02e4 WSTCODEC - ok
18:23:37.0265 0x02e4 [ C1364564800EE9784192145324A23308, 5345BAE00364233594C9CF99CE2CC485E65B5D4FFBB81C86B2950EDA2427584C ] wuauserv C:\WINDOWS\system32\wuauserv.dll
18:23:37.0390 0x02e4 wuauserv - ok
18:23:37.0437 0x02e4 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:23:37.0656 0x02e4 WudfPf - ok
18:23:37.0687 0x02e4 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:23:37.0765 0x02e4 WudfRd - ok
18:23:37.0812 0x02e4 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
18:23:37.0890 0x02e4 WudfSvc - ok
18:23:37.0968 0x02e4 [ A27D4BA7264C0BF52F32D10405BEA1D4, 5F28607CCAB15FB601BEB35FF0B1A5CD27C678C6D1CA724E842C33EED4579B8C ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
18:23:38.0140 0x02e4 WZCSVC - ok
18:23:38.0187 0x02e4 [ EAA4BB9EDB3FB10CF8979FE65E63658F, B80EB477100FD3E26513360E09DB6EBF0C8D8B0618F1F4BF1F387ABA6DEC9B64 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
18:23:38.0343 0x02e4 xmlprov - ok
18:23:38.0359 0x02e4 ================ Scan global ===============================
18:23:38.0390 0x02e4 [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
18:23:38.0437 0x02e4 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
18:23:38.0468 0x02e4 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
18:23:38.0515 0x02e4 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] C:\WINDOWS\system32\services.exe
18:23:38.0515 0x02e4 [ Global ] - ok
18:23:38.0531 0x02e4 ================ Scan MBR ==================================
18:23:38.0546 0x02e4 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
18:23:38.0781 0x02e4 \Device\Harddisk0\DR0 - ok
18:23:38.0796 0x02e4 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
18:23:38.0890 0x02e4 \Device\Harddisk1\DR1 - ok
18:23:38.0906 0x02e4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR4
18:23:39.0093 0x02e4 \Device\Harddisk2\DR4 - ok
18:23:39.0093 0x02e4 ================ Scan VBR ==================================
18:23:39.0109 0x02e4 [ A03F13B6A216F46A3C7CC14B713C0FD7 ] \Device\Harddisk0\DR0\Partition1
18:23:39.0109 0x02e4 \Device\Harddisk0\DR0\Partition1 - ok
18:23:39.0109 0x02e4 [ 01A71F063EE417857C05301A8700204C ] \Device\Harddisk1\DR1\Partition1
18:23:39.0140 0x02e4 \Device\Harddisk1\DR1\Partition1 - ok
18:23:39.0156 0x02e4 [ 364FDC032E3F81286D2529D20DC05AC2 ] \Device\Harddisk2\DR4\Partition1
18:23:39.0156 0x02e4 \Device\Harddisk2\DR4\Partition1 - ok
18:23:39.0156 0x02e4 Waiting for KSN requests completion. In queue: 240
18:23:40.0234 0x02e4 AV detected via SS1: ESET Smart Security 7.0, 7.0, enabled, updated
18:23:40.0234 0x02e4 FW detected via SS1: ESET Personální firewall, 7.0.302.26, enabled
18:23:40.0312 0x02e4 ============================================================
18:23:40.0312 0x02e4 Scan finished
18:23:40.0312 0x02e4 ============================================================
18:23:40.0328 0x0d20 Detected object count: 0
18:23:40.0328 0x0d20 Actual detected object count: 0

Rudy
Site Admin
Posts: 119541
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Sirefef trojan horse

#8 Post by Rudy »

It found nothing. Do you have any emulation program installed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

e_mysak
Visitor
Posts: 20
Joined: 19 Nov 2011 19:38

Re: Sirefef trojan horse

#9 Post by e_mysak »

I don't think so. I often use Firefox to go to Facebook and to my bank; in Firefox I have the Adblock Plus ad-blocking add-on.
I rarely use: Skype, Quick mark, Fremake video,
then I often used VLC media player, which after its last update completely messed up my PC and half of the things stopped working, so I will definitely get rid of it,
and fairly often I get offers of Adobe updates,
and of course Účto is important to me, and that is all.
Otherwise I am grateful for the help, and if we are done I should ask what I owe you and whether you can advise where not to go so that I don't catch the virus again. One more small thing: for getting TDSSKiller, this address is better:
http://support.kaspersky.com/viruses/utility#
So once again, thank you for the help.

Rudy
Site Admin
Posts: 119541
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Sirefef trojan horse

#10 Post by Rudy »

Thank you for the link, and you're welcome! :)

Locked